Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1997_1

Bugtraq archives for 1st quarter (Jan-Mar) 1997: Re: XDM bug

Re: XDM bug

jamie (batsyinterlog.com)
Fri, 3 Jan 1997 14:55:21 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Mr. ManX: "Re: XDM bug"
Previous message: Steve \: "Re: XDM bug"
In reply to: Steve \: "Re: XDM bug"
Next in thread: Alex Belits: "Re: XDM bug"

:On Thu, 2 Jan 1997, Angel Ortiz wrote:
:[...]
:> System: UNIX Ware systems with X
:>
:> Symptom:
:> /usr/X/bin/xdm is setuid
:[...]
:> Any way, please verify xdm setuid on your systems and please let the
:> bugtraq news group know if it exists on other systems.

BSDi 2.1 is also not vulnerable. Even if it was suid, this problem can
be (briefly) alleviated by popping it in you respectice /etc/rc.* file as
opposed to starting it as a user.

-j


"The beatings will continue until morale improves."
Jamie Reid, Jr Sys-admin, batsyinterlog.com x232

Next message: Mr. ManX: "Re: XDM bug"
Previous message: Steve \: "Re: XDM bug"
In reply to: Steve \: "Re: XDM bug"
Next in thread: Alex Belits: "Re: XDM bug"