Vulnerability Development mailing list archives

Re: Possible exploit in FreeBSD 4.0


From: Crist Clark <crist.clark () GLOBALSTAR COM>
Date: Fri, 27 Oct 2000 10:38:44 -0700

John Herron wrote:

[snip]

to get in as "root".  I was just curious if anyone had a box they could sacrifice to test that (installing more
than your HD can handle) and see if they get the same results.  If you have to be root to install (which seems to be
the case) then I guess it's only good for a physical access exploit.

If you are having trouble installing FreeBSD, it is really more of a topic
to discuss on freebsd-questions () freebsd org than vuln-dev.

The only security related issue you have mentioned is that you get root
at the console of a fscked up machine. This is a feature not a bug. A
FreeBSD system by default will drop into single-user mode at a reboot if
it gets unrecoverable errors when trying to reach multi-user (which a full
disk may very well cause). It drops to a root prompt without requiring a
password. Again, this is a feature, not a bug, since the behavior can be
disabled by labeling the console as 'insecure' in /etc/ttys. If that is
done, the system will still drop to single-user mode, but will require a
password.

HTH, and if you really have questions about an install, you can get some
help at the FreeBSD questions list... just maybe think about putting
newlines in your text every 72 columns or so rather than putting your
paragraphs all on one line.
--
Crist J. Clark                                Network Security Engineer
crist.clark () globalstar com                    Globalstar, L.P.
(408) 933-4387                                FAX: (408) 933-4926

The information contained in this e-mail message is confidential,
intended only for the use of the individual or entity named above.  If
the reader of this e-mail is not the intended recipient, or the employee
or agent responsible to deliver it to the intended recipient, you are
hereby notified that any review, dissemination, distribution or copying
of this communication is strictly prohibited.  If you have received this
e-mail in error, please contact postmaster () globalstar com
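
The /etc/ttys setting described in the message above can be audited with a short script. This is an added example, not part of the original e-mail or of FreeBSD; the function name `console_single_user_policy` is hypothetical, the sample entries are constructed, and it assumes the usual ttys layout of name, getty, type, then flags, with a console line that lacks `secure` treated as requiring the password.

```shell
#!/bin/sh
# Report whether single-user mode will ask for the root password, based on
# the "console" entry of an /etc/ttys-format file.
# Usage: console_single_user_policy [FILE]   (reads stdin if FILE is omitted)
console_single_user_policy() {
    awk '
        { sub(/#.*/, "") }             # strip comments; awk re-splits the line
        $1 != "console" { next }       # only the console entry matters here
        {
            found = 1
            secure = 0                 # assumption: no "secure" flag means insecure
            # Flags follow the getty and terminal-type fields; the last
            # secure/insecure keyword on the line wins.
            for (i = 4; i <= NF; i++) {
                if ($i == "secure")   secure = 1
                if ($i == "insecure") secure = 0
            }
            exit                       # first console entry decides; END still runs
        }
        END {
            if (!found)      print "no-console-entry"
            else if (secure) print "no-password"
            else             print "password-required"
        }
    ' "$@"
}

# Constructed sample entries (not taken from any real host).
default_entry='console none unknown off secure'
hardened_entry='console none unknown off insecure'

printf 'default : %s\n'  "$(printf '%s\n' "$default_entry"  | console_single_user_policy)"
printf 'hardened: %s\n'  "$(printf '%s\n' "$hardened_entry" | console_single_user_policy)"
```

On a real system, pass the file as an argument: `console_single_user_policy /etc/ttys`.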

