[1474] in linux-security and linux-alert archive
[linux-alert] SuperProbe and others
daemon@ATHENA.MIT.EDU (Alexander O. Yuriev)
Thu Mar 6 13:45:53 1997
From: "Alexander O. Yuriev" <alex@yuriev.com>
To: linux-alert@redhat.com
cc: linux-security@redhat.com
Date: Thu, 06 Mar 97 12:50:31 -0500
Resent-From: linux-alert@redhat.com
Reply-To: linux-alert@redhat.com
Hi,
Recently once again an exploit for SuperProbe was posted to the
bugtraq. That message was forwarded to linux-security and Rogier Wolff
rejected it on the basis of the author of the SuperProbe (David Wexelblatt)
comment that it was never intended to be suid.
In general, there is absolutely no reason for programs that are
supposed to be run only by root to be suid to root!
If your installation has SuperProbe suid to root, remove the suid
bit from it. There is no need to users to run this program. While you are at
it, seriously consider removing SVGAlib programs from your system
Alex