Re: Vulnerability in 4.4BSD Secure Levels Implementation

From: Roger Harrison ? (rharri01at_private)
Date: Mon Jun 29 1998 - 17:57:37 PDT

Next message: David Luyer: "Exmh hangs from BUGTRAQ posts [fix]"

Previous message: Praveen Yaramada: "Patched Qpopper2.5 release Notification."
Maybe in reply to: Niall Smart: "Vulnerability in 4.4BSD Secure Levels Implementation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 29 Jun 1998, Niall Smart wrote:

> On Jun 26,  8:41am, Tim Newsham wrote:
> } Subject: Re: Vulnerability in 4.4BSD Secure Levels Implementation
> > >
> > >  - The syslogd daemon can be covertly compromised, so no useful
> > >    information ever gets logged to the protected system logs.  But at
> > >    least no-one can modify the useless information.
> >
> > Be smart, niall, syslog can only be compromised after the system
> > has been compromised.

uhm, not necessarily.
The pinelock.csh script I wrote around 12/97 and posted to bugtraq
could kill syslogd if root opens up two sessions of pine.
It is a local exploit.

http://kepler.poly.edu/~rharri01
iconoclastat_private

-Iconoclast

Next message: David Luyer: "Exmh hangs from BUGTRAQ posts [fix]"
Previous message: Praveen Yaramada: "Patched Qpopper2.5 release Notification."
Maybe in reply to: Niall Smart: "Vulnerability in 4.4BSD Secure Levels Implementation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:00:55 PDT