Bugtraq mailing list archives
[8lgm]-Advisory-7.UNIX.passwd.11-May-1994.NEWFIX
From: 8lgm () bagpuss demon co uk ([8LGM] Security Team)
Date: Sat, 14 May 1994 04:16:03 +0100
This advisory update has been sent to: comp.security.unix BUGTRAQ <bugtraq () crimelab com> CERT/CC <cert () cert org> Sun Microsystems <security-alert () sun com> =========================================================================== [8lgm]-Advisory-7.UNIX.passwd.11-May-1994.NEWFIX With reference to [8lgm]-Advisory-7.UNIX.passwd.11-May-1994 released yesterday, a few people have pointed out that the fix given is not enough in all situations. The problem is that passwd(1) is linked to chfn(1) and friends, and yppasswd(1) is a copy of passwd(1). Therefore, yppasswd(1) also needs to be patched. The following is now the recommended way to fix the problem. WORKAROUND & FIX: 1. Contact your vendor for a patch. 2. Patch the passwd binary to remove the '-F' option.
# cd /bin # cp passwd passwd.old; chmod 700 passwd.old # adb -w - passwd
not core file = passwd
/l 'F:'
0x68de The above address is required in the following step:
0x68de/w 0
0x68de: 0x463a = 0x0 <CTRL-D>
# chmod 4711 /bin/passwd # /bin/passwd -F /tmp/WinnersBlues
passwd: illegal option -- F Usage: passwd [-l|-y] [-F file] [-afs] [-d user] [-e user] [-n numdays user] [-x numdays user] [user] # Repeat the adb stage, and patch yppasswd in the same way. (replace 'passwd' by 'yppasswd') Thanks to all those who pointed that out, we apologise for the error! FEEDBACK & CONTACT INFORMATION: 8lgm-bugs () bagpuss demon co uk (To report security flaws) 8lgm-request () bagpuss demon co uk (Request for [8lgm] Advisories) 8lgm () bagpuss demon co uk (General enquiries) System Administrators are encouraged to contact us for any other information they may require about the problems described in this advisory. We welcome reports about which platforms this flaw does or does not exist on. NB: 8lgm-bugs () bagpuss demon co uk is intended to be used by people wishing to report which platforms/OS's the bugs in our advisories are present on. Please do *not* send information on other bugs to this address - report them to your vendor and/or comp.security.unix instead. ===========================================================================
Current thread:
- wolves and sheep on the inet, (continued)
- wolves and sheep on the inet Timothy Newsham (May 11)
- Re: wolves and sheep on the inet Gene Spafford (May 13)
- Re: wolves and sheep on the inet Steve Simmons (May 13)
- permissions Perry E. Metzger (May 16)
- Re: permissions Pat Myrto (May 16)
- Re: permissions Evil Pete (May 17)
- Re: permissions Pat Myrto (May 17)
- Re: permissions Gene Spafford (May 17)
- Re: permissions Evil Pete (May 18)
- Re: permissions Evil Pete (May 18)
- [8lgm]-Advisory-7.UNIX.passwd.11-May-1994.NEWFIX [8LGM] Security Team (May 13)
- iss equivalents *Hobbit* (May 11)
- Source vs. binary for tools Jeremy Epstein -C2 PROJECT (May 12)
- runaway lockd problems (SunOS 4.1.3) Pat Myrto (May 12)
- [8lgm]-Advisory-7.UNIX.passwd.11-May-1994 [8LGM] Security Team (May 12)
- Re: [8lgm]-Advisory-7.UNIX.passwd.11-May-1994 Pat Myrto (May 13)
- Re: [8lgm]-Advisory-7.UNIX.passwd.11-May-1994 Gene Spafford (May 13)
- Re: Time For New Security Package? (was Re: new iss stuff) Mark (May 10)