[5482] in bugtraq


Re: Major security-hole in kerberos rsh, rcp and rlogin.

daemon@ATHENA.MIT.EDU (Matt)
Tue Nov 4 15:22:01 1997

Date: 	Tue, 4 Nov 1997 19:25:37 GMT
Reply-To: Matt <panzer@DHP.COM>
From: Matt <panzer@DHP.COM>
To: BUGTRAQ@NETSPACE.ORG

In mail.bugtraq Richard Levitte - VMS Whacker <LeViMS@STACKEN.KTH.SE> wrote:
: To remove some of the panic:  to activate the bug, it is required that
: there are valid tickets for the target user lying around somewhere on
: your system (usually in /tmp/).

Why not remove some more of the panic and actually describe what is wrong.
Buffer overflow?  Bad assumptions of environmental variables?  Follows
links in /tmp?  Etc.  This would at least help other people look for
solutions (and/or bugs in other versions of kerberos).  Your option to
include "exploitz" or not, but at least a description slightly more than
"kerberos is insecure".

: The bug is still a very serious one.
This list used to be "full-disclosure", or at least slightly.
--
 -Matt (panzer@dhp.com)  --  DataHaven Project - http://www.dhp.com/
  "That which can never be enforced should not be prohibited."
