Vulnerability Development mailing list archives

Re: efax

From: H D Moore <hdm () digitaloffense net>
Date: Tue, 15 Jan 2002 20:33:08 -0600

On Tuesday 15 January 2002 07:53 pm, Blue Boar wrote:

H D Moore wrote:

This was from a full source install, I havent seen it by default on any
distros though.


Did "make install" or equivalent put the suid bit on?


Yup ;)

hdm@sliver:~/kdeutils-2.2.1/klprfax > grep chown . -r
./efax/fax:     case $OWNER in '') ;; *) chown $OWNER /dev/$DEV ;; esac
./efax/Makefile:        @(chown root $(bindir)/efax && chmod 4755 $(bindir)/efax) || echo "Was not able to make efax 
setuid root"
./efax/Makefile.am:     @(chown root $(bindir)/efax && chmod 4755 $(bindir)/efax) || echo "Was not able to make efax 
setuid root"
./efax/Makefile.in:     @(chown root $(bindir)/efax && chmod 4755 $(bindir)/efax) || echo "Was not able to make efax 
setuid root"
./klprfax/klprfax_lpd.in:    chown root $SPOOL/klprfax
./klprfax/klprfax_lpd:    chown root $SPOOL/klprfax
hdm@sliver:~/d/kdeutils-2.2.1/klprfax >

Current thread:

efax H D Moore (Jan 15)
- Re: efax Bernhard Rosenkraenzer (Jan 15)
  - Re: efax H D Moore (Jan 15)
    - Re: efax Blue Boar (Jan 15)
    - Re: efax H D Moore (Jan 16)
    - Re: efax KF (Jan 16)
    - Re: efax sysop (Jan 16)
- <Possible follow-ups>
- Re: efax H D Moore (Jan 16)
- Re: efax s1gnal_9 (Jan 16)
  - Re: efax - Exploitation info KF (Jan 17)