[1474] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-alert] SuperProbe and others

daemon@ATHENA.MIT.EDU (Alexander O. Yuriev)
Thu Mar 6 13:45:53 1997

From: "Alexander O. Yuriev" <alex@yuriev.com>
To: linux-alert@redhat.com
cc: linux-security@redhat.com
Date: Thu, 06 Mar 97 12:50:31 -0500
Resent-From: linux-alert@redhat.com
Reply-To: linux-alert@redhat.com

Hi,

	Recently once again an exploit for SuperProbe was posted to the
bugtraq. That message was forwarded to linux-security and Rogier Wolff 
rejected it on the basis of the author of the SuperProbe (David Wexelblatt) 
comment that it was never intended to be suid.
	In general, there is absolutely no reason for programs that are
supposed to be run only by root to be suid to root!
	If your installation has SuperProbe suid to root, remove the suid
bit from it. There is no need to users to run this program. While you are at
it, seriously consider removing SVGAlib programs from your system

Alex


home help back first fref pref prev next nref lref last post