Date: Fri, 1 Aug 1997 18:34:16 -0700 From: Jamie Lawrence <jal@thirdwave.com> To: hackers@FreeBSD.ORG Subject: Re: security hole on FreeBSD 2.2.2 Message-ID: <v03102803b0083e1a4d47@[205.217.47.88]> In-Reply-To: <Pine.BSF.3.95q.970801171806.8042B-100000@misery.sdf.com> References: <Pine.LNX.3.91.970801200610.3568F-100000@zen.cypher.net>
next in thread | previous in thread | raw e-mail | index | archive | help
The poster might be thinking of suidperl*, which I believe
does pose security problems in some cases.
-j
>On Fri, 1 Aug 1997, Ben Black wrote:
[...]
> But what the hell is superl? I don't think it comes with 2.2.2.
>
>Tom
>
>
>> On Fri, 1 Aug 1997, Sergio Lenzi wrote:
>>
>> >
>> >
>> >
>> > Hello all
>> >
>> > Forgive me to send this message on this list.
>> >
>> > There is a security hole on FreeBSD 2.2.2
>> >
>> > This is done using a script and a superl* on /usr/bin
>> >
>> > A friend of mine received root priority by telneting to my machine (2.2.2)
>> > and executing a perl script.
>> >
>> > My solution: remove /usr/bin/superl*
>> >
>> > Hope this can helphelp
>> >
>> >
>>
>>
--
"I am about to, or going to, die. Either expression is used."
--Last words of Mme. Brouhors, Grammarian, August, 1752.
__________________________________________________________________
jamie@42is.com Special Agent jal@acm.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?v03102803b0083e1a4d47>