I believe this has been discussed before, but it wasn't given much attention.

At 08:23 PM 9/10/98 -0500, you wrote:
>Jidentd is linux-specific. I do not know of any distributions that
>include jidentd, however there is a copy in the contrib area of
>RedHat's FTP site. It is apparently popular among the irc crowd due
>to its ability to provide fake responses to queries. It is believed
>that it often is run as root. When run in standalone mode it provides
>no mechanism to drop privilege after binding its socket.

Another identd popular amongst irc patrons that falls into this category is cidentd. It offers the ability to fake responses via a user defined string, and the function that reads this string is vulnerable to buffer overflows. To my knowledge the program is not distributed with any Linux distro, but it was (might be now) once recommended in the ircii-pana (BitchX) documentation. There is also a non-public exploit floating around for cidentd1.2b (I believe) which will drop a local user into a root shell. The program is available somewhere on sunsite's labyrinth of an ftp server.
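A bounded way to load a user-defined ident reply string, addressing the class of bug the message above describes. This is an added example, not part of the original post and not cidentd's code; the names load_fake_id and FAKE_ID_MAX, the one-line file layout and the printable-ASCII policy are assumptions.

```c
/* Added example: bounded loading of a user-defined ident reply string.
 * load_fake_id, FAKE_ID_MAX and the character policy are assumptions,
 * not taken from cidentd or jidentd. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define FAKE_ID_MAX 64  /* assumed capacity for the reply, including NUL */

/* Reads the first line of fp into out (capacity outlen).
 * Returns 0 on success, -1 on empty, over-long or non-printable input.
 * Unbounded reads (gets, fscanf "%s", strcpy into a fixed array) are the
 * overflow-prone pattern; fgets never writes past the size it is given. */
int load_fake_id(FILE *fp, char *out, size_t outlen)
{
    char line[FAKE_ID_MAX + 1];
    size_t n, i;

    if (fp == NULL || out == NULL || outlen == 0)
        return -1;
    out[0] = '\0';                       /* caller never sees stale data */

    if (fgets(line, sizeof line, fp) == NULL)
        return -1;                       /* empty file or read error */

    n = strcspn(line, "\r\n");           /* length without line ending */
    line[n] = '\0';

    /* A full buffer with no newline means the input was truncated:
     * reject it instead of silently using a prefix. */
    if (n == 0 || n >= FAKE_ID_MAX || n >= outlen)
        return -1;

    /* Assumed policy: printable ASCII only, so CR, LF and other control
     * bytes can never reach the ident response line. */
    for (i = 0; i < n; i++)
        if (!isprint((unsigned char)line[i]))
            return -1;

    memcpy(out, line, n + 1);            /* n + 1 <= outlen checked above */
    return 0;
}

int main(void)
{
    char id[FAKE_ID_MAX];
    if (load_fake_id(stdin, id, sizeof id) != 0)
        return 1;
    printf("USERID : UNIX : %s\n", id);
    return 0;
}
```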