Bugtraq mailing list archives
Re: vulnerability in satan, cops & tiger
From: zen () TROUBLE ORG (d)
Date: Fri, 26 Jun 1998 17:51:14 -0700
> Cops v1.04 (see below for a patch)
> [...]
> All the following bugs can be used to create or overwrite any file on the system, because these applications usually run under the root id.

There's no reason to run COPS as root; indeed, it explicitly says in the docs that you shouldn't. Also, the res_diff bug only affects people running it out of cron (it examines the difference in the last run.) Checkacct & mail.chk are also not used in the normal cops run. (Shame on me for doing this anyway, even if it was almost 10 years ago; I used same-dir temp files for everything else.) I won't comment on satan, 'cuz wietse already did.
> closing remarks: I was shocked when I found these bugs. These security tools have been around for years - and yet nobody had checked this??

I had found the problems in cops (in res_diff, not the other programs; one wasn't even mine) but never got around to releasing a patch - hardly an earth-shattering problem, IMHO.
> If this is a reflection of our security consciousness, well, we have been in big trouble for a long time and things are not getting better (especially with M$ around)

Believe me, the security consciousness of today is light years ahead of where we were back when, which shows you how pathetic things were then. However, it's good to see someone putting effort into these things - keep up the work.

dan