Hello,
I'm trying to figure out some possible attack on one DU machine, at that
time running 4.0B, patched. One clever user stores in his $HOME few nice
files, containing list of SUID files, include those Networker SUID shell
scripts :(, and also
-rw-rw-rw- 1 root system 0 Dec 6 07:46 alerts.advfsd.lockfile
-rw-r--r-- 1 root system 84 Dec 6 07:58 dtpad.log
Does anyone know, in which directory should they appear? They are not in
/tmp, at least now. Is there any know exploit on that world-writable file?
TIA
Martin
-------------------------------------------------------------------------
| Martin MOKREJS - Net&SysAdmin |
| PGP 5.0i key at: finger://mail.natur.cuni.cz/mmokrejs |
| mmokrejs_at_natur.cuni.cz Faculty of Science, The Charles University |
| tel.: +420-2-2195 2315 Albertov 6, PRAGUE 2, 128 43, Czech Republic |
-------------------------------------------------------------------------
Received on Tue Apr 21 1998 - 01:55:34 NZST