Bugtraq mailing list archives
Re: hylafax
From: "Przemyslaw Frasunek" <venglin () freebsd lublin pl>
Date: Mon, 15 Oct 2001 05:55:59 +0200
As has been pointed out on the hylafax-devel () hylafax org mailing list,
this
exploit is only useful for those installations which have set hfaxd to
suid
root. The standard HylaFAX installation does not do this.
This exploit is designed for hylafax compiled on FreeBSD, where faxrm is suid uucp. Gaining uid=uucp on FreeBSD < 4.4 provides easy root compromise (see FreeBSD SA-01:62). -- * Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE * * Inet: przemyslaw () frasunek com ** PGP: D48684904685DF43EA93AFA13BE170BF *
Current thread:
- Re: hylafax Przemyslaw Frasunek (Oct 14)
- Re: hylafax Lee Howard (Oct 15)
- Re: hylafax Przemyslaw Frasunek (Oct 15)
- Re: hylafax Lee Howard (Oct 15)