Bugtraq mailing list archives
Re: numerous free/paid account systems are vulnerable to privledgeselevation attacks
From: Pavel Korovin <pvk () TSINET RU>
Date: Sun, 12 Nov 2000 22:06:37 +0300
Michal Zalewski (lcamtuf () DIONE IDS PL) wrote:
Mkey. During futher investigations I've found recent RH releases (6.2 and 7.0) seems to be not affected by this problem. But, as numerous systems are still based on older releases, and there were no security advisories on this silently fixed problem, shadow-utils might be still used in previous versions. I am, in fact, still using the old package, and haven't checked for the updates (sorry). This does not change the fact numerous systems are vulnerable. - Debian 2.2 - not vulnerable - RedHat below 6.2 - vulnerable - RedHat 6.2, 7.0 - not vulnerable - Cobalt Linux - vulnerable - other distros? I would suspect Corel Linux, SuSE, Mandrake... - OpenBSD - seems to be vulnerable, no details Yes, recent installations might be not vulnerable. Distros with RH-alike shadow-utils configuration and without the patch mentioned here by Bernhard Rosenkraenzer, are vulnerable. Other systems, like OpenBSD, might allow such attacks.
OpenBSD useradd(8) utility is not affected. adduser(8) is affected, but I think this is sysadmin's deal not be cought in such trap. -- Pavel Korovin SMTP: pvk () tsinet ru
Current thread:
- numerous free/paid account systems are vulnerable to privledgeselevation attacks Michal Zalewski (Nov 11)
- Re: numerous free/paid account systems are vulnerable to privledgeselevation attacks Bernhard Rosenkraenzer (Nov 11)
- Re: numerous free/paid account systems are vulnerable to privledgeselevation attacks Alexander Schreiber (Nov 13)
- Re: numerous free/paid account systems are vulnerable to privledgeselevation attacks Michal Zalewski (Nov 13)
- Re: numerous free/paid account systems are vulnerable to privledgeselevation attacks Pavel Korovin (Nov 14)
- Re: numerous free/paid account systems are vulnerable to privledgeselevation attacks Tomasz Kłoczko (Nov 14)
- Re: numerous free/paid account systems are vulnerable to privledgeselevation attacks Michal Zalewski (Nov 13)
- Re: numerous free/paid account systems are vulnerable to privledgeselevation attacks hellman (Nov 14)
- Re: numerous free/paid account systems are vulnerable to privledges elevation attacks Jeff Bachtel (Nov 14)
- Re: numerous free/paid account systems are vulnerable to privledges elevation attacks Michal Zalewski (Nov 14)