[2913] in bugtraq
Re: rdist exploit [bsdi]
daemon@ATHENA.MIT.EDU (Max Vision)
Sun Jul 14 16:47:59 1996
Date: Sat, 13 Jul 1996 22:34:27 -0700
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: Max Vision <vision@hungry.com>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
Confirmed on our box as well
BSD/OS gateway.mpath.com 2.0.1 BSDI BSD/OS 2.0.1 Kernel #12: Thu Dec 14 14:34:33 PST 1995 xxxxxxx@xxxxxxx.xxxxx.com:/usr/src/sys/compile/NEWROTH i386
At 06:23 PM 7/13/96 -0400, you wrote:
>Confirmed on our FreeBSD 2.0.5-RELEASE box.
>
>On Fri, 12 Jul 1996, jaeger wrote:
>
>> > > > Here is a quick bsd/os (should work in freebsd too, I believe) exploitation
>> > > > script for the rdist buffer overflow vulnerability.
>> > >
>> > > Confirmed for FreeBSD 2.1.0-RELEASE, 2.2-960501-SNAP and
>> > > 2.2-960601-SNAP. Haven't tried it with the 2.1.5 release stream yet.
>> >
>> > It did NOT work on a friend's FreeBSD 2.1.0-RELEASE box. I guess it
>> > depends on the configuration and if the admin has done any other patching.
>> >
>> The exploit must be compiled with no optimization or it throws off
>> the hardcoded offsets. It indeed works on a 2.1.0-RELEASE machine. Verify
>> that your friend's rdist is SUID and not a replacement package of some sort.
>>
>> -jaeger
>>
>
>