Bugtraq mailing list archives

Re: identd hole?

From: jacob () esisys com (Jacob Langseth)
Date: Tue, 16 Jul 1996 15:28:59 -0400

running on several Slackware 3.0 machines (all of the vulnerabilities that
I am aware of are fixed on those, but this one is new for me).


Are you absolutely certain that you have a) replaced in.telnetd w/ a
fixed version or b) have a statically compiled wrapper around /bin/login
to clean the environment of unwanted variables?  The description of the
attack leads me to strongly beleive he's attacking w/ the LD_PRELOAD bug.

Curious,
Jacob
--
Jacob Langseth                          -=-finger for PGP key-=-
Enhanced Systems, Inc.                  email:  jacob () esisys com
6961 PeachTree Ind Blvd                 voice:  (770) 662-1504 ext. 684
Norcross, GA  30092                     fax:    (770) 662-1537

Current thread:

Re: identd hole? Bugtraq Archiver (Jul 15)
- Re: identd hole? Henri Karrenbeld (Jul 16)
- <Possible follow-ups>
- Re: identd hole? Jeff Uphoff (Jul 16)
- Re: identd hole? Dave G. (Jul 16)
  - Re: [linux-security] Re: identd hole? lilo (Jul 18)
- Re: identd hole? der Mouse (Jul 16)
- Re: identd hole? Jacob Langseth (Jul 16)