Bugtraq mailing list archives
Re: /usr/sbin/audlinks vulnerability
From: optyx <optyx () UBERHAX0R NET>
Date: Mon, 8 Jan 2001 19:22:20 -0800
It was never stated you could use audlinks to gain root through rsh/rlogin. in my post I said you could use it to clobber (overwrite to clarify because obviously I have to) audlinks like many programs doesn't fstat the file it opens with O_RDWR access properly. As far as this posing a threat to a systems files, its highly unlikely. This was just notice of failure to fstat properly, which could lead to problems. And audlinks is executed on boot with static arguements, so this is not vulnerable. -Optyx http://www.uberhax0r.net
Current thread:
- Re: /usr/sbin/audlinks vulnerability //Stany (Jan 02)
- <Possible follow-ups>
- Re: /usr/sbin/audlinks vulnerability Konrad Rieck (Jan 08)
- Re: /usr/sbin/audlinks vulnerability optyx (Jan 09)