Vulnerability Development mailing list archives
Re: efax
From: H D Moore <hdm () digitaloffense net>
Date: Tue, 15 Jan 2002 20:33:08 -0600
On Tuesday 15 January 2002 07:53 pm, Blue Boar wrote:
H D Moore wrote:This was from a full source install, I havent seen it by default on any distros though.Did "make install" or equivalent put the suid bit on?
Yup ;) hdm@sliver:~/kdeutils-2.2.1/klprfax > grep chown . -r ./efax/fax: case $OWNER in '') ;; *) chown $OWNER /dev/$DEV ;; esac ./efax/Makefile: @(chown root $(bindir)/efax && chmod 4755 $(bindir)/efax) || echo "Was not able to make efax setuid root" ./efax/Makefile.am: @(chown root $(bindir)/efax && chmod 4755 $(bindir)/efax) || echo "Was not able to make efax setuid root" ./efax/Makefile.in: @(chown root $(bindir)/efax && chmod 4755 $(bindir)/efax) || echo "Was not able to make efax setuid root" ./klprfax/klprfax_lpd.in: chown root $SPOOL/klprfax ./klprfax/klprfax_lpd: chown root $SPOOL/klprfax hdm@sliver:~/d/kdeutils-2.2.1/klprfax >
Current thread:
- efax H D Moore (Jan 15)
- <Possible follow-ups>
- Re: efax H D Moore (Jan 16)
- Re: efax s1gnal_9 (Jan 16)
- Re: efax - Exploitation info KF (Jan 17)