Bugtraq mailing list archives
who
From: paul () BOEHM ORG (Paul Boehm)
Date: Tue, 28 Jul 1998 20:27:21 +0200
Hi, the 'who' program is on some systems in a privileged group which is allowed to read utmp. On redhat linux 5.1 you can easily crash who by many different ways (e.g. try who /bin/bash) on freebsd you can use it to view parts of the content of files that privileged group may read(try who /privileged/group/file). this is no big deal with security, but gaining a more privileged group sometimes may be the key to root compromise. bye, pb -- [ Paul S. Boehm | paul () boehm priv at | http://paul.boehm.org/ | infected@irc ] Money is what gives a programmer his resources. It's an exchange system created by human beings. It surrounds us. Works for us, binds the economy together.
Current thread:
- Re: netscape mail overflow(another one), (continued)
- Re: netscape mail overflow(another one) Brett Glass (Jul 28)
- Re: netscape mail overflow(another one) pedward () WEBCOM COM (Jul 29)
- HP-UX Predictive & Netscape SSL Vulnerabilities Aleph One (Jul 29)
- Long attachment filename exploits: a procmail filter John D. Hardin (Jul 29)
- Crash a redhat 5.1 linux box Zachary Amsden (Jul 29)
- FD's 0..2 and suid/sgid procs (Was: Crash a redhat 5.1 linux box) Joe Zbiciak (Jul 29)
- Re: FD's 0..2 and suid/sgid procs (Was: Crash a redhat 5.1 linux Roger Espel Llima (Jul 30)
- Re: FD's 0..2 and suid/sgid procs (Was: Crash a redhat 5.1 linux Alan Cox (Jul 30)
- Re: FD's 0..2 and suid/sgid procs (Was: Crash a redhat 5.1 linux Pavel Kankovsky (Jul 30)
- Re: netscape mail overflow(another one) Paul Boehm (Jul 29)
- who Paul Boehm (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Chris Wedgwood (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Todd C. Miller (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Todd C. Miller (Jul 28)