[10405] in bugtraq
Possible Linuxconf Vulnerability
daemon@ATHENA.MIT.EDU (The Nefarious Type)
Fri Apr 30 15:49:34 1999
Message-Id: <99042919090600.00660@async101>
Date: Thu, 29 Apr 1999 18:45:40 -0400
Reply-To: The Nefarious Type <prestochango@ANTIONLINE.COM>
From: The Nefarious Type <prestochango@ANTIONLINE.COM>
To: BUGTRAQ@NETSPACE.ORG

An older version of linuxconf was packaged with Red Hat 5.1, and I had
not run into any problems with that version. But after installing the latest
version (linuxconf-1.13r15-1) onto OpenLinux 1.3, I came upon a problem during
boot. It had not detected /sbin/clock, so a menu appeared during boot and asked
if I wanted to change this. This all happened before I was even prompted for a
login.

The fact that someone who has physical access to the server can
access linuxconf (which, by default, can only be used under root) is kind of
disturbing. So far, I have not been able to exploit this problem, though I'm
guessing that it could be done (e.g. from that menu, access user configuration,
etc.).

Linuxconf Homepage
http://www.solucorp.qc.ca/linuxconf/
-PrestoChango