OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Nightwriter (jameslivecam.com)
Date: Wed Jan 31 2001 - 01:37:13 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    ooops sorry forgot the URL on the last one my apologies

    http://www.duskglow.com/software.php3

    James

    Nothing causes more computer problems than users..... eliminate the
    problem. Kill your users (hehe)

    At 10:07 AM 12/14/00 +1100, you wrote:
    >so joe-blow writes 8754 to the pid file, which is your httpd process.
    >you restart acupsd but the kill-pid in the file is now your httpd pid.
    >which gets killed and not restarted. you mightn't notice until
    >a day later when you've lots X hundred thousand $$ in e-commerce or
    >whatever.
    >
    >they're talking about /etc/rc.d/init.d/acupsd restart as opposed
    >to shutdown -r now or whatever...
    >
    >- Tim
    >
    >Henrik Edlund wrote:
    >
    > > Exact what is the security risk here? All process are shut down during a
    > > restart/stop anyway. May it be in a clean or less clean way.
    > >
    > > On Tue, 12 Dec 2000, Linux Mandrake Security Team wrote:
    > >
    > > >
    > > > Linux-Mandrake Security Update Advisory
    > > > ________________________________________________________________________
    > > >
    > > > Package name: apcupsd
    > > > Date: December 12th, 2000
    > > > Advisory ID: MDKSA-2000:077
    > > >
    > > > Affected versions: 7.2
    > > > ________________________________________________________________________
    > > >
    > > > Problem Description:
    > > >
    > > > A problem exists with the apcupsd daemon. During startup, apcupsd
    > > > creates a PID file in /var/run with the ID of the daemon process. This
    > > > file is used by the shutdown script to kill the daemon process. The
    > > > /var/run/apcupsd.pid file is created with mode 666 permissions, meaning
    > > > it is world-writeable. A malicious user can overwrite the file with
    > > > arbitrary process IDs and those proceses will be killed instead of the
    > > > apcupsd process during the restart or stop of the apcupsd daemon.
    > > > ________________________________________________________________________
    > >
    > > --
    > > Henrik Edlund <henrikedlund.org> (HE2914-RIPE)
    > > http://www.edlund.org/
    > >
    > > "They were in the wrong place at the wrong time.
    > > Naturally they became heroes."
    > > Leia Organa of Alderaan, Senator