Re: UUCP

From: Bob Howard (rehat_private)
Date: Fri Nov 30 2001 - 05:48:17 PST


    Izik wrote:
    > 
    > Hello
    > 
    > I've found a buffer overflow in uucp, on the BSDi platform
    ...
    > Since uucp is by nature suid, and the ownership is by uucp,
    > I don't see the real profit.
    
    Don't know about BSDi, but on Solaris uucp owns tip, uuencode, uudecode,
    and others.  So if I can use this vuln to su uucp, I can trojan e.g.
    tip.  Then the next time root runs what he thinks is tip, I've got the
    box.
    
    Bob
    --
    Robert Howard                   University of Michigan
    Lead System Administrator       IT Central Services
    Strategic Projects Operations
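
A defensive check for the condition described in the reply above (programs root may run that a non-root account such as uucp owns and can therefore replace), as an added example that is not part of the original post. It assumes a POSIX shell with `find` and `sed`; the function name `audit_exec_owners` and its output labels are made up for this illustration.

```shell
#!/bin/sh
# Added example: list executables that an account other than the trusted
# owner could replace. Meant for the directories on root's PATH.
# Usage: audit_exec_owners TRUSTED_OWNER DIR...
#   TRUSTED_OWNER is a user name or numeric uid (normally root).
audit_exec_owners() {
    trusted=$1
    shift
    for dir in "$@"; do
        [ -d "$dir" ] || continue

        # The directory itself: whoever can write to it can swap any file
        # in it, regardless of who owns the individual files.
        find "$dir" -prune \
            \( ! -user "$trusted" -o -perm -020 -o -perm -002 \) -print |
            sed 's/^/dir: /'

        # Regular files with any execute bit set that are owned by another
        # account (the uucp-owned tip case). Symlinks are not followed.
        find "$dir" -type f \
            \( -perm -100 -o -perm -010 -o -perm -001 \) \
            ! -user "$trusted" -print |
            sed 's/^/owner: /'

        # Executables that are group- or world-writable, whoever owns them.
        find "$dir" -type f \
            \( -perm -100 -o -perm -010 -o -perm -001 \) \
            \( -perm -020 -o -perm -002 \) -print |
            sed 's/^/writable: /'
    done
}

# When run as a script: ./audit.sh root /usr/bin /usr/sbin /usr/local/bin
if [ "$#" -ge 2 ]; then
    audit_exec_owners "$@"
fi
```

Any `owner:` line for a program that root runs is a candidate for changing ownership to root, since compromise of the owning account then no longer leads to root.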
    


