Bugtraq mailing list archives
Re: Potential security problem with mtr
From: viktor () DTEK CHALMERS SE (Viktor Fougstedt)
Date: Sat, 4 Mar 2000 21:13:03 +0100
On Sat, 4 Mar 2000, Rogier Wolff wrote:
Viktor Fougstedt wrote:mtr-0.28 seems to be a standard package in some Linux distributions, but it is not known whether it is installed setuid-root.0.41 is current.
0.41 was the version I tried. I'm sorry I didn't make that clearer. The mentioning of 0.28 comes from the fact that that is the version distributed with Debian. 0.41 has the same problem, though.
The authors have been contacted, but no reply has been received. The latest version is from Aug 19 1999, and I am uncertain whether mtr is still being actively developed.I'm the maintainer. I haven't been contacted. Viktor, may I ask you to do your homework a bit better next time?
You may certainly. According to the file AUTHORS in the 0.41 distribution, bug reports should be sent to the mtr mailing list. And the file README in the same tarball gives this address as mtr () lists xmission com. I sent a message to that address on Wed, 2 Feb 2000 20:13:40 +0100. I received no response to that mail. If this was not the correct address, may I ask that the information in the AUTHORS and README files be updated to contain correct information? /Viktor... --| Viktor Fougstedt, system administrator at dtek.chalmers.se |-- --| http://www.dtek.chalmers.se/~viktor/ |-- --| ...soon we'll be sliding down the razor blade of life. /Tom Lehrer |--
Current thread:
- Potential security problem with mtr, (continued)
- Potential security problem with mtr Viktor Fougstedt (Mar 03)
- Re: Potential security problem with mtr LaMont Jones (Mar 03)
- Re: Potential security problem with mtr Viktor Fougstedt (Mar 03)
- [RHSA-2000:006-01] New nmh packages available bugzilla () REDHAT COM (Mar 06)
- Microsoft Security Bulletin (MS00-015) Microsoft Product Security (Mar 06)
- @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity Weld Pond (Mar 07)
- Re: @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity Dustin Miller (Mar 07)
- Re: @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity Weld Pond (Mar 08)
- Potential security problem with mtr Viktor Fougstedt (Mar 03)
- Problem with MacOS 9 Multiple Users and Netware AFP Don Lambert (Mar 03)
- Re: Potential security problem with mtr Rogier Wolff (Mar 03)
- Re: Potential security problem with mtr Viktor Fougstedt (Mar 04)
- Re: Potential security problem with mtr - fixed Jeff Dafoe (Mar 06)
- userv (security boundary tool) 1.0.0 released Ian Jackson (Mar 06)