NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2000-05

Subject: FW: Security Notice: Big Brother System and Network Monitor
From: Cunningham Stace D MSgt 2 AF/XTI (stace.cunninghamKEESLER.AF.MIL)
Date: Thu May 18 2000 - 15:13:33 CDT

Next message: Jim Paris: "Kerberos ksu and krshd exploits"
Previous message: bacano: "Fw: [suse-security-announce] SuSE Security Announcement - kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----Original Message-----
From: Robert-Andre Croteau [mailto:robertwww.bb4.com]
Sent: Thursday, May 18, 2000 2:53 PM
To: stace.cunninghamkeesler.af.mil
Subject: Security Notice: Big Brother System and Network Monitor

                 ===========================
                 Big Brother Security Notice
                 ===========================

Versions: All prior to 1.4g

Module: bbd.c (the bb server: BBDISPLAY/BBPAGER)

Affects: All BBDISPLAY/BBPAGER machines (running bbd)

Summary: Vulnerabilities exists such that
arbitrary commands can be executed with the same
userid/permissions as the user running bbd.

Fix: Download and install version 1.4g from http://bb4.com

          If you have a fairly recent version of BB (1.3a+) you may
          be able to download version 1.4g from http://bb4.com and replace
          your current bbd.c/bb.h with the ones from the 1.4g archive.
          Recompile bbd (make) and reinstall(make install). YMMV !

Note: BB should not be run as root!

          Particularly vulnerable are the servers that are not
          protected by firewalls (nothing new!) , that do not
          use the etc/security file and use the enable/disable
          feature (optional and user compiled-in).

This is a different notice than the one sent out
on May 4th 2000.

          If you wish to be removed from this list please send mail
          to robertbb4.com. Some of you may receive multiple
          due to the fact that you downloaded BB multiples times
          and entered a different e-mail address each time. Let
          me know which address is valid and which are not.

Found by: Bryan Deeney <bdeeneyastro.ocis.temple.edu>, Thanks!

---
Robert-Andre Croteau
BB4 Technologies Inc.
robertbb4.com

Next message: Jim Paris: "Kerberos ksu and krshd exploits"
Previous message: bacano: "Fw: [suse-security-announce] SuSE Security Announcement - kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]