Date: Fri, 15 Dec 2000 07:53:32 -0000 From: "John Howie" <JHowie@msn.com> To: "Kris Kennaway" <kris@freebsd.org>, <security@freebsd.org> Subject: Re: Details of www.freebsd.org penetration Message-ID: <00c401c0666c$1f63cff0$9207c00a@local> References: <20001214070649.A25429@citusc.usc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Kris, Any chance you could let us know exactly what 'local root vulnerability' was exploited. As I recall it was originally stated that no weakness in FreeBSD itself had been leveraged. I appreciate that the hacker gained access to the system via CGI (and not a FreeBSD weakness) but once in he/she became root through some other means. Was this vulnerability a configuration issue or simply a known problem that had not been addressed? Thanks, john... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00c401c0666c$1f63cff0$9207c00a>