[483] in linux-security and linux-alert archive
ATTN! CORRECTION: Re: Fwd: CERT Advisory CA-95:14 - Telnetd Environment Vulnerability
daemon@ATHENA.MIT.EDU (Jacob Langseth)
Thu Nov 9 23:19:45 1995
Date: Thu, 9 Nov 1995 22:44:05 -0500
To: linux-security@tarsier.cv.nrao.edu
From: jacob@esisys.com (Jacob Langseth)
[Mod: Edited to remove/change notes that were directed solely toward the
moderator(s). --Jeff.]
...In my previous email, I said:
> WAIT! Do NOT remove the exit(1) unless you also add code to clear the
> environment variables. If you do not, this will simply log that a hack
> was attempted and do nothing to prevent it...
I was incorrect, my apologies.
Please ignore all references to the patch from my post.
The information at the end regarding the updatedb security problem is
accurate, however.
Jacob
--
Jacob Langseth -=-finger for PGP key-=-
Enhanced Systems, Inc. email: jacob@esisys.com
6961 PeachTree Ind Blvd voice: (404) 662-1504 ext. 684
Norcross, GA 30092 fax: (404) 662-1537
