Last week I posted a question about the recent articles on Bugtraq about DU
4.0x buffer overflows. Well, exploit code was posted and even scarier, it
worked flawlessly.
I'm not too sure if posting the Bugtraq message with the exploit is
acceptable on this list, so I won't. You can find it easily on Bugtraq:

From: Lamont Granquist <lamontg_at_RAVEN.GENOME.WASHINGTON.EDU>
Subject: Digital Unix Buffer Overflows: Exploits

Lamont was kind enough to respond to my original message on this list. He
said it would be a very good idea to wrap all setuid-root binaries, and we
are evaluating this option right now. He also said not to worry unless your
system is at an ISP, University, etc. Well, the one I am worried about is
in the Computer Science department of a major University and is accessible
to any undergrad or grad who applies for an account.
If you go and search for his articles, I suggest doing a
"chmod 111 /usr/bin/mh/inc" first :) His articles contain VERY useful
information on what to do in response to this slight ;) bug.
Thanks Lamont!
--Eric
--
Eric Gatenby -=- raptor_at_mailhub.com -=- egatenby_at_mailhub.com
http://www.netaxs.com/~raptor/ -=- PGP: Web page or key server
#include <netinet/disclaimer.h> /* Standard Internet disclaimer */
Received on Tue Feb 02 1999 - 00:15:03 NZDT