Bugtraq mailing list archives
Re: numerous free/paid account systems are vulnerable to privledgeselevation attacks
From: Alexander Schreiber <alexander.schreiber () INFORMATIK TU-CHEMNITZ DE>
Date: Sat, 11 Nov 2000 00:01:13 +0100
Hi!

On Fri, 10 Nov 2000, Michal Zalewski wrote:

> This problem is not related to any specific product or solution, but
> affects a pretty huge part of the ISP installations. The problem is a
> direct effect of the default account creation policy launched by
> OpenBSD, RedHat, and some other vendors, where every user has its own,
> corresponding gid.

Debian 2.2 (potato) default install checks for this:

<cite>
boromir:~# adduser kmem
adduser: The group `kmem' already exists.
</cite>

You can create such a user with the useradd tool, but useradd defaults to
give this user gid 100 (users). You can of course explicitly specify group
kmem, but then
 - you are root,
 - you use useradd instead of the do-all-and-be-happy adduser
so you can be expected to know what you are doing.

Regards,
Alex.
--
------------------------------------------------------------------------------
EMail : als () thangorodrim de | WWW : http://www.thangorodrim.de/
"I think there's a world market for about five computers."
  -- attr. Thomas J. Watson (Chairman of the Board, IBM), 1943
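The check discussed in this message, written out as an added example that is not part of the original post or of any adduser implementation: it rejects a requested login name that collides with an existing group or user, and audits existing accounts for an ordinary user whose primary group is a same-named system group. The function names, the UID/GID thresholds and the sample passwd/group data are assumptions made for illustration.

```python
# Added example: sample data is constructed, thresholds are assumptions.
SYSTEM_GID_MAX = 999    # assumption: GIDs up to this value are system groups
FIRST_USER_UID = 1000   # assumption: ordinary accounts start at this UID

SAMPLE_GROUP = """root:x:0:
kmem:x:15:
users:x:100:
alice:x:1000:
"""
SAMPLE_PASSWD = """root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:100:Bob:/home/bob:/bin/bash
kmem:x:1002:15:signup:/home/kmem:/bin/bash
"""

def parse_colon_file(text, min_fields):
    """Yield field lists from passwd/group-style text, skipping short lines."""
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) >= min_fields and not line.startswith("#"):
            yield fields

def load_groups(group_text):
    """Map group name -> numeric gid."""
    return {f[0]: int(f[2]) for f in parse_colon_file(group_text, 3)
            if f[2].isdigit()}

def name_is_safe(requested, group_text, passwd_text):
    """Refuse a login name that matches an existing group or user."""
    users = {f[0] for f in parse_colon_file(passwd_text, 7)}
    return requested not in load_groups(group_text) and requested not in users

def audit_accounts(passwd_text, group_text):
    """Return (user, gid) for ordinary users whose primary group is a
    system group carrying the same name as the user."""
    groups = load_groups(group_text)
    findings = []
    for f in parse_colon_file(passwd_text, 7):
        name, uid, gid = f[0], f[2], f[3]
        if not (uid.isdigit() and gid.isdigit()):
            continue
        if (int(uid) >= FIRST_USER_UID and int(gid) <= SYSTEM_GID_MAX
                and groups.get(name) == int(gid)):
            findings.append((name, int(gid)))
    return findings

if __name__ == "__main__":
    print(audit_accounts(SAMPLE_PASSWD, SAMPLE_GROUP))
```

On a real host the two text arguments would be the contents of /etc/passwd and /etc/group; bob is not reported because his gid 100 (users) is the shared default group rather than a group named after him.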