Date: Thu, 8 Jan 1998 16:20:06 -0800 (PST)
From: Jan Koum <jkb@best.com>
To: freebsd-bugs
Subject: Re: bin/5434: "backdoor" in fingerd allows execution of commands
Message-ID: <199801090020.QAA22509@hub.freebsd.org>
The following reply was made to PR bin/5434; it has been noted by GNATS.
From: Jan Koum <jkb@best.com>
To: fosters@dvalley.demon.co.uk
Cc: FreeBSD-gnats-submit@freebsd.org, GNATS Management <gnats@freebsd.org>,
freebsd-bugs@hub.freebsd.org
Subject: Re: bin/5434: "backdoor" in fingerd allows execution of commands
Date: Thu, 8 Jan 1998 16:09:35 -0800 (PST)
On Mon, 5 Jan 1998 fosters@dvalley.demon.co.uk wrote:
>
>>How-To-Repeat:
>
> At a shell prompt type:
>
> % finger `ls`
>
> Will give a directory listing of the current directory. If you telnet
> to port 79, you can use it almost like a shell.. e.g.
>
> % telnet localhost 79
>
> then type:
>
> `rm -R /`
>
> and say goodbye to /. fingerd was running as root on my system, bad
> news!
>
Did you actually try it on your system?
-- Yan
>>Fix:
>
> Comment out fingerd from the inetd.conf and reboot or kill -HUP 126
>
>>Audit-Trail:
>>Unformatted:
>
