Date: Fri, 1 Aug 1997 17:15:19 -0700 (PDT) From: Tom Samplonius <tom@sdf.com> To: Dan Riley <daniel@vailsys.com> Cc: Sergio Lenzi <lenzi@bsi.com.br>, hackers@freebsd.org Subject: Re: security hole on FreeBSD 2.2.2 Message-ID: <Pine.BSF.3.95q.970801171241.8042A-100000@misery.sdf.com> In-Reply-To: <Pine.BSF.3.91.970801185128.6383A-100000@crocodile>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 1 Aug 1997, Dan Riley wrote: > > > On Fri, 1 Aug 1997, Sergio Lenzi wrote: > > > > > > > > > Hello all > > > > Forgive me to send this message on this list. > > > > There is a security hole on FreeBSD 2.2.2 > > > > This is done using a script and a superl* on /usr/bin > > > > A friend of mine received root priority by telneting to my machine (2.2.2) > > and executing a perl script. > > > > My solution: remove /usr/bin/superl* > > > > Hope this can helphelp > > > > Ditto, at least 3 of my machines were hacked using this method, all of > which were installed last week. (2.2.2-R) > > > Huh? I'm looking at /usr/bin/ on couple of 2.2.2 machines and there is no superl*... what is that file supposed to be anyhow? Are you sure you did not install from a tainted distribution that had a backdoor installed? Or, were you fooled in running a trojan horse as root and it created the superl* file? Tom
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95q.970801171241.8042A-100000>