Bugtraq mailing list archives

Re: riptrace.c

From: ahuger () SECURENETWORKS COM (Alfred Huger)
Date: Thu, 8 Jan 1998 17:06:15 -0700


After a quick look and asking around a bit, I have a little more
information on which OS's appear to be vulnerable (and not vulnerable) to
this attack.

SunOS 5.5 / Appears not vulnerable
BSDI 2.1 / Appears not vulnerable
Slackware Linux 2.0.29 / Appears not vulnerable
IRIX 5.2-5.3-6.2 / Vulnerable
NetBSD 1.2 / Vulnerable
OpenBSD / Appears not vulnerable
FreeBSD 2.2.2 / Appears not vulnerable
Ultrix 4.3 / Appears vulnerable

This is by no means an exhaustive list, just what I had access to test
quickly (with the exception of Ultrix which was tested by someone else).
For what it is worth Theo Deraadt had this fixed in OpenBSD some time ago.
He also, if I heard him correctly, discovered and reported this bug to
someone at SGI years ago.

/****************************************************************************
Alfred Huger                                    http://www.secnet.com/ballista
Project Director                                ahuger () secnet com
Secure Networks Inc. (SNI)
*****************************************************************************/

Current thread:

Security flaw in either DIT TransferPro or Solaris The Man (Jan 05)
- Re: Security flaw in either DIT TransferPro or Solaris The Man (Jan 07)
- NetWare NFS Andrew J. Anderson (Jan 08)
- New DOS exploit for NT and Win95 (CONFIRMED?) Aleph One (Jan 08)
- bonk.c Aleph One (Jan 08)
  - Re: bonk.c Jord Sonneveld (Jan 10)
- riptrace.c Aleph One (Jan 08)
  - Re: riptrace.c Christopher Masto (Jan 08)
    - Re: riptrace.c Alfred Huger (Jan 08)
    - Nifty Security hole on Several NT Based Web Servers Aleph One (Jan 09)
    - Re: riptrace.c Theo de Raadt (Jan 09)
    - Re: riptrace.c Hubert Feyrer (Jan 08)
    - Source for NEWTEAR.C Aleph One (Jan 09)