Re: rdist exploit [bsdi]

jpfMIG.COM

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Andy Dills: "Re: rdist exploit [bsdi]"
• Previous message: System Manager: "Re: rdist exploit [bsdi]"
• In reply to: Cosimo Leipold: "Re: rdist exploit [bsdi]"
• Next in thread: Chris Caputo: "Re: rdist exploit [bsdi]"

leipold+andrew.cmu.edu said:
>
> With relation to the BSDI rdist exploit, it seems logical that it may
> work on some systems and not others. I don't know what it is
> dependent on, (only have one or two machines to try it on, and they
> both spawned a shell) However some of you might be interested to know
> that it works on a commercial version as well (though there is no
> real reason it shouldnt) But on the following system, it worked, and
> it is a commercial system;
>
> Copyright 1992, 1993, 1994, 1995, 1996 Berkeley Software Design, Inc.
> Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The
> Regents of the University of California.  All rights reserved.
>
> BSDI BSD/OS 2.1 Kernel #8: Sun May 19 XX:XX:XX EDT 1996

Ah, I see you have not installed the patch supplied by BSDI.
Yes, Virginia, there is a patch available which fixes the problem.
You can contact supportbsdi for further information.

--
===============================================================
Jack Flory
Migration Associates Corp.                 Phone:  303-504-9590
6843 East Harvard Avenue                   FAX:    303-504-9589
Denver, Colorado 80224                     email:  jpfmig.com
PGP Key by email to jpfmig.com with a subject of "get pgp key"
===============================================================

• Next message: Andy Dills: "Re: rdist exploit [bsdi]"
• Previous message: System Manager: "Re: rdist exploit [bsdi]"
• In reply to: Cosimo Leipold: "Re: rdist exploit [bsdi]"
• Next in thread: Chris Caputo: "Re: rdist exploit [bsdi]"