[13656] in bugtraq
Re: RedHat 6.1 /and others/ PAM
daemon@ATHENA.MIT.EDU (Simple Nomad)
Wed Feb 2 14:26:44 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.10.10002011658440.943-100000@blackhole.nmrc.org>
Date: Tue, 1 Feb 2000 17:01:33 -0600
Reply-To: Simple Nomad <thegnome@NMRC.ORG>
From: Simple Nomad <thegnome@NMRC.ORG>
X-To: Pavel Kankovsky <peak@argo.troja.mff.cuni.cz>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20000201220910.22DF.0@argo.troja.mff.cuni.cz>
Maybe I should restate. The sploit as it stands didn't work, and even
using expect, pty, etc didn't work. Still showing up in syslog on RH 6.1,
can someone else confirm/deny?
- Simple Nomad - No rest for the Wicca'd -
- thegnome@nmrc.org - www.nmrc.org -
- thegnome@razor.bindview.com - www.bindview.com -
On Tue, 1 Feb 2000, Pavel Kankovsky wrote:
> On Mon, 31 Jan 2000, Simple Nomad wrote:
>
> > Trying to "echo PASSWORD | su ACCOUNT" will elicit a response of
> > "standard in must be a tty..." therefore the sploit would stop on the
> > first word in the list as if it was the correct password. Therefore I fail
> > to see the exact sploit here. I tried this on a stock RH 6.1 machine.
>
> Use a pseudoterminal. Expect is your friend.
>
> --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
> "Resistance is futile. Open your source code and prepare for assimilation."
>
