Date: Tue, 25 Jun 1996 13:28:02 -0700 (PDT) From: -Vince- <vince@mercury.gaianet.net> To: torstenb@tlk.com Cc: Gary Palmer <gpalmer@freebsd.org>, security@freebsd.org, Chad Shackley <chad@mercury.gaianet.net>, jbhunt <jbhunt@mercury.gaianet.net> Subject: Re: I need help on this one - please help me track this guy down! Message-ID: <Pine.BSF.3.91.960625132726.25073G-100000@mercury.gaianet.net> In-Reply-To: <m0uYUeO-00022NC@solar.tlk.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 25 Jun 1996, Torsten Blum wrote: > Gary Palmer wrote: > > > [ CC: Trimmed ] > > > > > Yeah, that's the real question is like if he can transfer the > > > binary from another machine and have it work... other people can do the > > > same thing and gain access to FreeBSD boxes as root as long as they have > > > a account on that machine... > > > > Sort of. You need root access in the first place to create a suid root > > shell... It could be an old exploit that is now closed (like the > > mount_union loophole)... > > Or the telnetd environment hole - it was possible to become root via telnet > without an account on the target machine. What was the telnetd hole? Vince
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.960625132726.25073G-100000>