Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1994_2

Bugtraq archives for 2nd quarter (Apr-Jun) 1994: Re: wu-ftpd info.

Re: wu-ftpd info.

Marc W. Mengel (mengeldcdmwm.fnal.gov)
Wed, 13 Apr 94 13:57:05 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: der Mouse: "Re: wu-ftpd info."
Previous message: Gene Spafford: "Re: wu-ftpd info."
In reply to: Ken Hardy: "Re: wu-ftpd info."
Next in thread: Christopher Klaus: "Re: wu-ftpd info."

In <9404131412.AA01024racerx>  you write:
  
  What are the dangers posed by someone gaining root access, as through a
  trojaned ftpd, in a _chrooted_ environment, assuming that the environment
  gets chrooted before there's any chance of compromise?  Granted, you
  don't want strangers enabled to wreak havoc with your ftp heirarchy
  (and planting _more_ trojans), but what kind of threats can be posed
  to the rest of the system from such a toehold?


Quickest is to put a mknod  and dump executable in the filetree, start 
doing mknod's of block devices, have dump spew them back to your local 
host where you can read any files you want with restore...

Marc

Next message: der Mouse: "Re: wu-ftpd info."
Previous message: Gene Spafford: "Re: wu-ftpd info."
In reply to: Ken Hardy: "Re: wu-ftpd info."
Next in thread: Christopher Klaus: "Re: wu-ftpd info."