Re: smbd remote file creation vulnerability

From: Michal Zalewski (lcamtufat_private)
Date: Wed Jun 27 2001 - 17:11:16 PDT

Next message: sarnoldat_private: "Re: smbd remote file creation vulnerability"

Previous message: Steve Beattie: "Re: smbd remote file creation vulnerability"
In reply to: Joachim Blaabjerg: "Re: smbd remote file creation vulnerability"
Next in thread: sarnoldat_private: "Re: smbd remote file creation vulnerability"
Next in thread: Fatal Connect: "Re: smbd remote file creation vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 26 Jun 2001, Joachim Blaabjerg wrote:

> No, not directly, but if your `su` uses PAM to authenticate users and
> PAM reacts to the spaces in the beginning of the passwd file, it
> surely has something to do with PAM. To check whether `su` uses PAM or
> not, try "ldd `which su`|grep libpam"

/etc/passwd is not the only place you might want to modify. Think of
rc.local or anything like that.

-- 
_____________________________________________________
Michal Zalewski [lcamtufat_private] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=

Next message: sarnoldat_private: "Re: smbd remote file creation vulnerability"
Previous message: Steve Beattie: "Re: smbd remote file creation vulnerability"
In reply to: Joachim Blaabjerg: "Re: smbd remote file creation vulnerability"
Next in thread: sarnoldat_private: "Re: smbd remote file creation vulnerability"
Next in thread: Fatal Connect: "Re: smbd remote file creation vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jun 28 2001 - 13:33:55 PDT