[1597] in linux-security and linux-alert archive
[linux-security] Re: Re: Re: Getting root on Linux
daemon@ATHENA.MIT.EDU (Klaus Steding-Jessen)
Fri Aug 29 13:17:45 1997
Date: Fri, 29 Aug 1997 11:36:25 -0300
From: Klaus Steding-Jessen <jessen@ahand.unicamp.br>
To: linux-security@redhat.com
In-Reply-To: <Pine.LNX.3.93.970829135242.13915E-100000@snowyowl.csu.ac.ru>
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
on Fri, 29 Aug 1997 14:02:24, Vitaly V Fedrushkov wrote:
| There is one already. The only problem is that it is written in
| Bourne shell instead of plain English. It is called chkexploit and
| can be found at any Linux security website.
|
| Authors are
|
| jessen@ahand.unicamp.br
| nelson@pangeia.com.br
| vazquez@iqm.unicamp.br
|
| Personally I would say big thank you to these people.
Thanks! :-)
The current version of chkexploit can find the following
exploits/security problems:
sendmail smrsh dosemu abuse dip doom minicom killmouse ldt libroot
telnetsnoopd lpr lpd messages mount_exploit umount_exploit oversize_ping
resizecons resolv nlspath restorefont rxvt suidperl splitvt crontab
locale tcpd ftpd tftpd uucp small_services pine bliss workman
SuperProbe rlogind at ghostscript XFree86 tin convfont filter fvwm
mailx pop3d SIGURG rdist pkgtool bash rcp talkd dump xlock elm cxterm
color_xterm suid_rw_partitions zgv seyon imapd bind ld_so
Most of them are Linux/FreeBSD specific, but it can be useful
on other systems too.
chkexploit can be found on:
ftp://ftp.pangeia.com.br/pub/seg/pac/
http://kalypso.iqm.unicamp.br/tools/chkexploit/
Please send comments/bug reports/new exploits to:
jessen@ahand.unicamp.br
Thanks,
Klaus.