Bugtraq mailing list archives
Re: rdist exploit [bsdi]
From: jpf () MIG COM (Jack Flory)
Date: Sat, 13 Jul 1996 23:31:54 -0600
leipold+ () andrew cmu edu said:
With relation to the BSDI rdist exploit, it seems logical that it may work on some systems and not others. I don't know what it is dependent on, (only have one or two machines to try it on, and they both spawned a shell) However some of you might be interested to know that it works on a commercial version as well (though there is no real reason it shouldnt) But on the following system, it worked, and it is a commercial system; Copyright 1992, 1993, 1994, 1995, 1996 Berkeley Software Design, Inc. Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. BSDI BSD/OS 2.1 Kernel #8: Sun May 19 XX:XX:XX EDT 1996
Ah, I see you have not installed the patch supplied by BSDI. Yes, Virginia, there is a patch available which fixes the problem. You can contact support@bsdi for further information. -- =============================================================== Jack Flory Migration Associates Corp. Phone: 303-504-9590 6843 East Harvard Avenue FAX: 303-504-9589 Denver, Colorado 80224 email: jpf () mig com PGP Key by email to jpf () mig com with a subject of "get pgp key" ===============================================================
Current thread:
- Re: rdist exploit [bsdi], (continued)
- Re: rdist exploit [bsdi] Andy Dills (Jul 13)
- Re: rdist exploit [bsdi] Brian Tao (Jul 14)
- at the risk of another flamefest.. *Hobbit* (Jul 14)
- Re: at the risk of another flamefest.. David Stagner (Jul 15)
- Re: at the risk of another flamefest.. Alan L. Wendt (Jul 15)
- hpux 10.0 remote administration Matthew G. Harrigan (Jul 15)
- Re: rdist exploit [bsdi] System Manager (Jul 13)
- Re: rdist exploit [bsdi] Tom Bowman (Jul 12)
- Re: rdist exploit [bsdi] Brian Tao (Jul 12)
- Re: rdist exploit [bsdi] Cosimo Leipold (Jul 13)
- Re: rdist exploit [bsdi] Jack Flory (Jul 13)
- Re: rdist exploit [bsdi] Chris Caputo (Jul 13)
- Re: rdist exploit [bsdi] Brian Mitchell (Jul 14)