Re: Severe bug in cfingerd before 1.4.0

From: Martin Schulze (joeyat_private)
Date: Thu Aug 12 1999 - 03:00:25 PDT

Next message: Jonathan Chapman: "3com hiperarch flaw [hiperbomb.c]"

Previous message: rusdeltaat_private-STUTTGART.DE: "Security Bulletins Digest"
Maybe in reply to: Martin Schulze: "Severe bug in cfingerd before 1.4.0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Stefan Chakerian wrote:
> On Tue, 10 Aug 1999, Martin Schulze wrote:
> >   A serious bug in cfingerd before version 1.4.0 has been reported.
> >   It is present in all versions of cfingerd from 1.2.0 up to any
> >   version of 1.3.2.  If configured accordingly this bug enables any
> >   local user to execute random programs with root priviledges.
>
> Cool, you can execute RANDOM programs as root?  Is that kind of like

Hmm, that should read arbitrary, sorry for my poor English.  It's not
my native language.

Regards,

	Joey

--
The MS-DOS filesystem is nice for removable media.  -- H. Peter Anvin

Next message: Jonathan Chapman: "3com hiperarch flaw [hiperbomb.c]"
Previous message: rusdeltaat_private-STUTTGART.DE: "Security Bulletins Digest"
Maybe in reply to: Martin Schulze: "Severe bug in cfingerd before 1.4.0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:56:09 PDT