Bugtraq mailing list archives
Re: identd hole?
From: jacob () esisys com (Jacob Langseth)
Date: Tue, 16 Jul 1996 15:28:59 -0400
running on several Slackware 3.0 machines (all of the vulnerabilities that I am aware of are fixed on those, but this one is new for me).
Are you absolutely certain that you have a) replaced in.telnetd w/ a fixed version or b) have a statically compiled wrapper around /bin/login to clean the environment of unwanted variables? The description of the attack leads me to strongly beleive he's attacking w/ the LD_PRELOAD bug. Curious, Jacob -- Jacob Langseth -=-finger for PGP key-=- Enhanced Systems, Inc. email: jacob () esisys com 6961 PeachTree Ind Blvd voice: (770) 662-1504 ext. 684 Norcross, GA 30092 fax: (770) 662-1537
Current thread:
- Re: identd hole? Bugtraq Archiver (Jul 15)
- Re: identd hole? Henri Karrenbeld (Jul 16)
- <Possible follow-ups>
- Re: identd hole? Jeff Uphoff (Jul 16)
- Re: identd hole? Dave G. (Jul 16)
- Re: [linux-security] Re: identd hole? lilo (Jul 18)
- Re: identd hole? der Mouse (Jul 16)
- Re: identd hole? Jacob Langseth (Jul 16)