Date: Sun, 7 Nov 1999 14:04:20 -0800 From: Chris Piazza <cpiazza@home.net> To: Matt Behrens <matt@zigg.com> Cc: freebsd-security@FreeBSD.ORG, skalir scalar <skalir@hotmail.com> Subject: Re: file name with questions - rm on it seg faults!!! Message-ID: <19991107140420.A6070@norn.ca.eu.org> In-Reply-To: <Pine.BSF.4.10.9911071501150.75101-100000@megaweapon.zigg.com>; from matt@zigg.com on Sun, Nov 07, 1999 at 03:05:42PM -0500 References: <19991107183534.5193.qmail@hotmail.com> <Pine.BSF.4.10.9911071501150.75101-100000@megaweapon.zigg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Nov 07, 1999 at 03:05:42PM -0500, Matt Behrens wrote: > On Sun, 7 Nov 1999, skalir scalar wrote: > > : some fool on my system which I have removed but not his home > : directory had this in it: > : > : (root@hidden)[hidden]% ls -a > : ?YOUR PUBLIC SSH1 KEY (-b 512) GOES HERE!? . .. > : (root@hidden)[hidden]% rm -Rf *YOUR* > : Segmentation fault (core dumped) > : > : so how the fuck can I remove it? > : > : thx! > > Hardly seems security-related. Would have been much better asked > in -questions, and sans profanity (it sure doesn't seem like a > situation where profanity is called for.) Actually this does have some relevence to -security; it's created by the exploit outlined in ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-99:05.fts.asc See http://www.freebsd.org/cgi/getmsg.cgi?fetch=89776+0+/usr/local/www/db/text/1999/freebsd-security/19990905.freebsd-security and click the 'next in thread' link there. I'd suggest that he updates his machine to 3.3-RELEASE or -STABLE... > > First of all, since > > touch '?YOUR PUBLIC SSH1 KEY (-b 512) GOES HERE!?' > > creates this file, it's logical to presume that > The actual problem is the directory tree beneath that. The fact that it's still called "YOUR PUBLIC SSH1 KEY..." is a pretty good example of a script kiddie who can't even read instructions :-). -Chris -- cpiazza@home.net cpiazza@FreeBSD.org Abbotsford, BC, Canada To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991107140420.A6070>