[2908] in bugtraq

Re: rdist exploit [bsdi]

daemon@ATHENA.MIT.EDU (Andrew N. Edmond)
Sun Jul 14 00:46:21 1996

Date: 	Sat, 13 Jul 1996 01:20:35 -0600
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: "Andrew N. Edmond" <edmond@shaman.lycaeum.org>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To:  <Pine.LNX.3.91.960712171319.28401A-100000@dhp.com>

> > > > Here is a quick bsd/os (should work in freebsd too, I believe) exploitation
> > > > script for the rdist buffer overflow vulnerability.
> > >
> > >     Confirmed for FreeBSD 2.1.0-RELEASE, 2.2-960501-SNAP and
> > > 2.2-960601-SNAP.  Haven't tried it with the 2.1.5 release stream yet.

Agreed, another confirmation that this exploit works on 2.1.0-RELEASE.  I
temporarily fixed the problem by doing (this may be overboard, but I am
getting paranoid with all these BSD holes lately!) the following:

chflags noschg /usr/bin/rdist    # must take off immutable flag!
chmod 000 /usr/bin/rdist         # wipe all functionality from this prog

Looking forward to a source patch, for sure!

Andy

.............................................................................
.  Andrew Edmond              .   Children of a future age,                 .
..  edmond@lycaeum.org       ...   Reading this indignant page,            ..
...  University of Wyoming  .....   Know that in a former time,           ...
....  Botany Department    .......   A path to God was thought a crime.  ....
....................... the Lycaeum .........................................
