Bugtraq mailing list archives
Re: security problems with jidentd
From: scru () TECHNOTRONIC COM (Scott Fuhrman)
Date: Fri, 11 Sep 1998 08:59:05 -0500
I believe this has been discussed before, but it wasnt given much attention At 08:23 PM 9/10/98 -0500, you wrote:
Jidentd is linux-specific. I do not know of any distributions that include jidentd, however there is a copy in the contrib area of RedHat's FTP site. It is apparently popular among the irc crowd due to its ability to provide fake responses to queries. It is believed that it often is run as root. When run in standalone mode it provides no mechanism to drop privilege after binding its socket.
Another identd popular amongst irc patrons that falls into this category is cidentd. It offers the ability to fake responses via a user defined string, and the function that reads this string is vulnerable to buffer overflows. To my knowledge the program is not distributed with any Linux distro, but it was(might be now) once recommended in the ircii-pana(BitchX) documentation. There is also a non public exploit floating around for cidentd1.2b(I believe) which will drop a local user into a root shell. The program is available somewhere on sunsites labyrinth of an ftp server.
Current thread:
- Re: Reading read-protected devices in *BSD, (continued)
- Re: Reading read-protected devices in *BSD Todd C. Miller (Sep 06)
- Re: Reading read-protected devices in *BSD Eivind Eklund (Sep 06)
- Another way to crash HP 5M/5N printers bwoodard () CISCO COM (Sep 05)
- Windows File Share Scanner ZyklonB Zombie (Sep 05)
- Re: Buffer overflow in bash 1.14.7(1) Fiji (Sep 10)
- Re: Buffer overflow in bash 1.14.7(1) Razvan Dragomirescu (Sep 10)
- Fw: Exploit for SCO. Leshka (Sep 10)
- Re: Fw: Exploit for SCO. John W. Temples (Sep 11)
- ISS Vulnerability Alert: Windows Backdoors Update X-Force (Sep 10)
- security problems with jidentd Mitchell Blank Jr (Sep 10)
- Re: security problems with jidentd Scott Fuhrman (Sep 11)
- Cisco security notice: Cisco PIX and CBAC Fragmentation attack psirt () cisco com (Sep 11)
- Re: Buffer overflow in bash 1.14.7(1) //Stany (Sep 05)