[2962] in bugtraq
FreeBSD recent exploits.
daemon@ATHENA.MIT.EDU (Andy Dills)
Thu Jul 18 18:12:13 1996
Date: Thu, 18 Jul 1996 17:42:32 -0400
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: Andy Dills <andy@bigdog.fred.net>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: <Pine.SGI.3.94.960718143501.21953C-100000@elvis.rowan.edu>
Hello, I run a FreeBSD news server. I have been keeping up with the
various recent security holes (the suidperl, rdist, etc.).
However, since this is a full disclosure list, I must say my curiousity
is piqued about the latest two.
First, how would one use the hole in the ppp program? I noticed, looking
at the patch, the flawed logic in some of the source code. However, since
I am trying to learn C myself, I wasn't sure how they would be exploited.
Secondly, the rz/sz. Is this a FreeBSD only hole, or a "bad idea" that is
part of the zmodem protocol? And I am dying to see more info about it, as
in, exactley what part of the protocol allows you to do this? Also,
without knowing the history of rz/sz, why on earth did they include such
a thing, if it was in fact a deliberate inclusion?
Andy Dills
