Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1994_1

Bugtraq archives for 1st quarter (Jan-Mar) 1994: (none)

(none)

Jeff Beadles (jeffneon.rain.com)
Thu, 24 Mar 1994 18:32:31 -0800

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: jlacourmerle.acns.nwu.edu: "Re: /etc/utmp"
Previous message: Stan Barber: "Re: NFS problems"
In reply to: Aleph One: "utmp"
Next in thread: jlacourmerle.acns.nwu.edu: "Re: /etc/utmp"

>Hmm, anyone can explain a bit more the recent CERT advisory on /etc/utmp.
>I assume the attakers where able to obtain root by fooling programms that
>only use the information in /etc/utmp for authentication, instead of
>calling for the users user id  and real user id. anyone mind extending
>this description...


Some programs will write directly to "devices" found in /etc/utmp,
without validating that they are really user's tty devices.

	-Jeff
-- 
Jeff Beadles       jeffneon.rain.com

Next message: jlacourmerle.acns.nwu.edu: "Re: /etc/utmp"
Previous message: Stan Barber: "Re: NFS problems"
In reply to: Aleph One: "utmp"
Next in thread: jlacourmerle.acns.nwu.edu: "Re: /etc/utmp"