Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Potential security problem with mtr

From: viktor () DTEK CHALMERS SE (Viktor Fougstedt)
Date: Sat, 4 Mar 2000 21:13:03 +0100

On Sat, 4 Mar 2000, Rogier Wolff wrote:


Viktor Fougstedt wrote:

mtr-0.28 seems to be a standard package in some Linux distributions,
but it is not known whether it is installed setuid-root.


0.41 is current.


0.41 was the version I tried. I'm sorry I didn't make that
clearer. The mentioning of 0.28 comes from the fact that that is the
version distributed with Debian. 0.41 has the same problem, though.


The authors have been contacted, but no reply has been received. The
latest version is from Aug 19 1999, and I am uncertain whether mtr is
still being actively developed.


I'm the maintainer. I haven't been contacted. Viktor, may I ask you to
do your homework a bit better next time?


You may certainly. According to the file AUTHORS in the 0.41
distribution, bug reports should be sent to the mtr mailing list. And
the file README in the same tarball gives this address as
mtr () lists xmission com. I sent a message to that address on Wed, 2 Feb
2000 20:13:40 +0100. I received no response to that mail. If this was
not the correct address, may I ask that the information in the AUTHORS
and README files be updated to contain correct information?

/Viktor...

--|     Viktor Fougstedt, system administrator at dtek.chalmers.se     |--
--|                http://www.dtek.chalmers.se/~viktor/                |--
--| ...soon we'll be sliding down the razor blade of life. /Tom Lehrer |--
Previous By Date Next
Previous By Thread Next

Current thread: