OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Bugtraq archives for 2nd quarter (Apr-Jun) 1998: Re: kde exploit

Re: kde exploit

Aleph One (aleph1nationwide.net)
Sun, 17 May 1998 01:09:47 -0500

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.
  Send mail to mimedocserver.cac.washington.edu for more info.

---490605465-493702262-895346977=:4318
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
Content-ID: <Pine.SUN.3.94.980517010450.17320Fdfw.dfw.net>

On Sat, 16 May 1998, Catalin Mitrofan wrote:

>
>         Remove the suids from all kde programs ... if you don`t believe
> try this ;-)

Ack. Do not use this exploit without modifying it. The thing attempts to
run 'ssh pentagon.usa.gov -v' if the exploit succeeds, although that host
does not exist.  As always do not run or compile something before you have
inspected it.

Aleph One / aleph1dfw.net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01

---490605465-493702262-895346977=:4318--