[18490] in bugtraq
Re: /usr/sbin/audlinks vulnerability
daemon@ATHENA.MIT.EDU (optyx)
Tue Jan 9 12:35:24 2001
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID: <Pine.BSO.4.21.0101081911120.9452-100000@pr0n.newhackcity.net>
Date: Mon, 8 Jan 2001 19:22:20 -0800
Reply-To: optyx <optyx@UBERHAX0R.NET>
From: optyx <optyx@UBERHAX0R.NET>
To: BUGTRAQ@SECURITYFOCUS.COM
It was never stated you could use audlinks to gain root through
rsh/rlogin.
in my post I said you could use it to clobber (overwrite to clarify
because obviously I have to)
audlinks like many programs doesn't fstat the file it opens with O_RDWR
access properly.
As far as this posing a threat to a systems files, its highly
unlikely. This was just notice of failure to fstat properly, which could
lead to problems.
And audlinks is executed on boot with static arguements, so this is not
vulnerable.
-Optyx
http://www.uberhax0r.net
