Bugtraq mailing list archives
Re: Local vulnerability in libutil derived with FreeBSD 4.4-RC (and earlier)
From: David Terrell <dbt () meat net>
Date: Thu, 20 Sep 2001 14:59:39 -0700
On Thu, Sep 20, 2001 at 09:48:34PM +0200, Przemyslaw Frasunek wrote:
[snip] in session.c, which allows to read ANY file in system with superuser privileges, by defining: default:\ :copyright=/etc/master.passwd: or :welcome=/etc/master.passwd: in user's ~/.login_conf. [snip telnetd/login] default:\ :nologin=/etc/master.passwd: [blah blah FreeBSD core] Official advisory is pending. It's possible, that other *BSD systems, supporting login capability database are also vulnerable.
I can't duplicate either of these with OpenBSD 2.9. -- David Terrell | "My question is, if a mime types, isn't dbt () meat net | that kinda cheating?" http://wwn.nebcorp.com/ | - Jason Zych
Current thread:
- Local vulnerability in libutil derived with FreeBSD 4.4-RC (and earlier) Przemyslaw Frasunek (Sep 20)
- Re: Local vulnerability in libutil derived with FreeBSD 4.4-RC (and earlier) David Terrell (Sep 20)
- Re: Local vulnerability in libutil derived with FreeBSD 4.4-RC (and earlier) Alexander Yurchenko (Sep 20)
- Re: Local vulnerability in libutil derived with FreeBSD 4.4-RC (and earlier) Emre Yildirim (Sep 21)
- Re: Local vulnerability in libutil derived with FreeBSD 4.4-RC (and earlier) David Terrell (Sep 20)