Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: rdist exploit [bsdi]

From: jpf () MIG COM (Jack Flory)
Date: Sat, 13 Jul 1996 23:31:54 -0600

leipold+ () andrew cmu edu said:


With relation to the BSDI rdist exploit, it seems logical that it may
work on some systems and not others. I don't know what it is
dependent on, (only have one or two machines to try it on, and they
both spawned a shell) However some of you might be interested to know
that it works on a commercial version as well (though there is no
real reason it shouldnt) But on the following system, it worked, and
it is a commercial system;

Copyright 1992, 1993, 1994, 1995, 1996 Berkeley Software Design, Inc.
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The
Regents of the University of California.  All rights reserved.

BSDI BSD/OS 2.1 Kernel #8: Sun May 19 XX:XX:XX EDT 1996


Ah, I see you have not installed the patch supplied by BSDI.
Yes, Virginia, there is a patch available which fixes the problem.
You can contact support@bsdi for further information.

--
===============================================================
Jack Flory
Migration Associates Corp.                 Phone:  303-504-9590
6843 East Harvard Avenue                   FAX:    303-504-9589
Denver, Colorado 80224                     email:  jpf () mig com
PGP Key by email to jpf () mig com with a subject of "get pgp key"
===============================================================
Previous By Date Next
Previous By Thread Next

Current thread: