[1229] in linux-security and linux-alert archive
[linux-security] lots of in.comsat calls lately...
daemon@ATHENA.MIT.EDU (Bruno Boettcher)
Thu Oct 17 20:28:29 1996
Date: Thu, 17 Oct 1996 09:39:44 +0200 (MET DST)
From: Bruno Boettcher <bboett@erm1.u-strasbg.fr>
Reply-To: bboett@erm1.u-strasbg.fr
To: linux-security@tarsier.cv.nrao.edu
Hello,
last days i had lots of reports about in.comsat calls from other hosts in
my domain....
Are there only goofy users or is there any exploit on this?
[REW: There certainly are holes in comsat when your utmp file is
world writable, (which some people do to be able to strip the suid bit
off xterm and friends.)]
ciao
bboett@erm1.u-strasbg.fr