Bugtraq mailing list archives
lightbar vulnerability
From: root () OBERPHLOW ORG (Config Urator)
Date: Sun, 1 Nov 1998 21:08:39 -0400
Lightbar Vulnerability - Found 11/01/98 by OberphloW (Config Urator)
---------------------------------------------------------------------
any reply to: config () i-p-d com

- Gives * remote root access

- How?
Ok. here we start, i download lightbar, install, configure, and run. kewlio, it works and all, suddenly that cute "guest" option gets my attention. so i decide to check it out. here is the bug. if lightbar doesn't find or can't execute the file it's supposed to execute for the "guest" account it will just drop you a bash! and it doesn't even bother to setuid() setgid() to guest. so it drops a REMOTE ROOT BASH to anyone who logs in as guest.

- How do i make sure sum1 don't use this against me?
easy, just make sure no1 can erase or change permissions of the file that "guest" account will execute.

- How to fix this if i'm stupid and want ppl to have +w to the file?
on: shell.c
remove lines from: 163 to 170

att...
Config Urator (config () i-p-d com)
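The handling the post says is missing, as an added example that is not lightbar's code and not part of the original message: drop to the guest account's uid/gid before the exec, and end the session when the exec fails instead of spawning a shell. `run_guest`, `drop_privileges` and the `/nonexistent/guest-menu` path are hypothetical names; the demo passes the caller's own ids so it runs without root.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE /* exposes setgroups() on glibc */
#endif
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Permanently become uid/gid. Returns 0 on success, -1 on any failure. */
static int drop_privileges(uid_t uid, gid_t gid)
{
    /* Leaving root: clear supplementary groups while we still can. */
    if (geteuid() == 0 && uid != 0 && setgroups(0, NULL) != 0) return -1;
    if (setgid(gid) != 0) return -1; /* group before user */
    if (setuid(uid) != 0) return -1;
    /* An unprivileged target must not be able to regain root. */
    if (uid != 0 && setuid(0) == 0) return -1;
    return 0;
}

/* Run the guest program as uid/gid in a child process. Returns its exit
 * status, 126 if privileges could not be dropped, 127 if exec failed. */
int run_guest(const char *path, char *const argv[], uid_t uid, gid_t gid)
{
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        if (drop_privileges(uid, gid) != 0) _exit(126);
        execv(path, argv);
        _exit(127); /* exec failed: end the session, no shell fallback */
    }
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed sample: a guest program path that does not exist. */
    char *args[] = { "guest-menu", NULL };
    int rc = run_guest("/nonexistent/guest-menu", args, getuid(), getgid());
    printf("guest launch returned %d\n", rc);
    return rc == 127 ? 0 : 1;
}
```

In a real login service the caller would pass the guest account's ids (for example from `getpwnam()`) and close the connection on any nonzero return.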