|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: optyx (optyx
UBERHAX0R.NET)Date: Mon Jan 08 2001 - 21:22:20 CST
It was never stated you could use audlinks to gain root through
rsh/rlogin.
in my post I said you could use it to clobber (overwrite to clarify
because obviously I have to)
audlinks like many programs doesn't fstat the file it opens with O_RDWR
access properly.
As far as this posing a threat to a systems files, its highly
unlikely. This was just notice of failure to fstat properly, which could
lead to problems.
And audlinks is executed on boot with static arguements, so this is not
vulnerable.
-Optyx
http://www.uberhax0r.net
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]