Date: Wed, 30 Jun 1999 16:18:10 +0200 From: Ladavac Marino <mladavac@metropolitan.at> To: 'Bill Fumerola' <billf@chc-chimes.com>, David O'Brien <obrien@FreeBSD.ORG> Cc: Bill Fumerola <billf@jade.chc-chimes.com>, hackers@FreeBSD.ORG Subject: RE: tcpdump(1) additions. Message-ID: <55586E7391ACD211B9730000C11002761796C5@r-lmh-wi-100.corpnet.at>
next in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: Bill Fumerola [SMTP:billf@chc-chimes.com] > Sent: Wednesday, June 30, 1999 11:54 AM > To: David O'Brien > Cc: Bill Fumerola; hackers@FreeBSD.ORG > Subject: Re: tcpdump(1) additions. > > On Wed, 30 Jun 1999, David O'Brien wrote: > > > Hmmm.. but a non-superuser never sees any of those malicious packets, > and > the program is not installed suid, so how would that happen? [ML] Simple. One of these bad packets makes the currently executing copy of tcpdump (invoked by superuser) install a backdoor on the system. Probably with root privileges, too. An actual exploit thereof is probably not that simple, but possible nevertheless. /Marino > - bill fumerola - billf@chc-chimes.com - BF1560 - computer horizons > corp - > - ph:(800) 252-2421 - bfumerol@computerhorizons.com - > billf@FreeBSD.org - > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-hackers" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?55586E7391ACD211B9730000C11002761796C5>