Bugtraq mailing list archives
Re: BSDi 3.0/4.0 rcvtty gid=tty exploit... (mh package)
From: Dan Harkless <dan-bugtraq () DILVISH SPEED NET>
Date: Thu, 30 Nov 2000 20:56:35 -0800
Chris Sharp <v9 () FAKEHALO ORG> writes:
well, i dont know if rcvtty is suppost to be setgid in general, since ive never seen it setgid on anything but BSDi 3.0 and 4.0. but none-the-less, here is a exploit i wrote for it:
In nmh (mh's actively-maintained descendant), at least, rcvtty is not installed setgid. Not sure if there's a BSD port of nmh that makes it so, though. ---------------------------------------------------------------------- Dan Harkless | To prevent SPAM contamination, please dan-bugtraq () dilvish speed net | do not mention this private email SpeedGate Communications, Inc. | address in Usenet posts. Thank you.
Current thread:
- Re: BSDi 3.0/4.0 rcvtty gid=tty exploit... (mh package) Dan Harkless (Dec 02)