[15056] in bugtraq
Re: kscd vulnerability
daemon@ATHENA.MIT.EDU (Chmouel Boudjnah)
Thu May 25 22:50:39 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <m2k8gjklt9.fsf@vador.mandrakesoft.com>
Date: Thu, 25 May 2000 11:42:42 +0200
Reply-To: Chmouel Boudjnah <chmouel@MANDRAKESOFT.COM>
From: Chmouel Boudjnah <chmouel@MANDRAKESOFT.COM>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: Matt Wilson's message of "Wed, 24 May 2000 16:56:20 -0400"
Matt Wilson <msw@REDHAT.COM> writes:
> Red Hat Linux does not ship kscd setuid.
Same for Linux-Mandrake :
chmou@kenobi)[~]-% rpm -qpl -v /RPMS/kdemultimedia-1.1.2-11mdk.i586.rpm |grep -w bin/kscd
-rwxr-xr-x root root 200048 Apr 17 15:58 /usr/bin/kscd
> > sorry for not sending an advisory, but i don't
> > have much time. :)
> > I think the exploit is well commented.
> >
> > regards,
> > Sebastian
> >
> > mail: Permission denied. Detected symlink to /etc/ld.so.preload.
> > Admin has been informed.
> > [exploit_user@lucifer]$ /tmp/boomshell
> > [root@lucifer]#
> >
>
--
MandrakeSoft Inc http://www.mandrakesoft.com
In travel. --Chmouel
