Bugtraq mailing list archives

Re: RedHat 7.0 (and SuSE): modutils + netkit = root compromise. (fwd)

From: Wichert Akkerman <wichert () CISTRON NL>
Date: Mon, 13 Nov 2000 18:23:50 +0100

Previously Keith Owens wrote:

This bug was introduced to modutils in March 12 1999, it does not
affect modutils 2.1.121.  modprobe tries echo as the last ditch file
expansion method, using popen.  There is no good reason to do that.


It also does not affect version 2.3.11, which also mean that Debian
potato is not vulnerable.

Wichert.

--
  _________________________________________________________________
 / Generally uninteresting signature - ignore at your convenience  \
| wichert () liacs nl                    http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |

Current thread:

RedHat 7.0 (and SuSE): modutils + netkit = root compromise. (fwd) Michal Zalewski (Nov 13)
- Re: RedHat 7.0 (and SuSE): modutils + netkit = root compromise. (fwd) Keith Owens (Nov 14)
  - Re: RedHat 7.0 (and SuSE): modutils + netkit = root compromise. (fwd) Wichert Akkerman (Nov 14)
  - Re: RedHat 7.0 (and SuSE): modutils + netkit = root compromise. (fwd) Michal Zalewski (Nov 16)
- Re: RedHat 7.0 (and SuSE): modutils + netkit = root compromise. (fwd) Olaf Kirch (Nov 14)