Bugtraq mailing list archives
Big Brother Systems and Network Monitor vulnerability
From: Robert-Andre Croteau <robert () BB4 COM>
Date: Tue, 10 Oct 2000 12:15:38 -0400
===========================
Big Brother Security Notice
===========================

Date:     October 10th 2000
Issuer:   security () bb4 com
Versions: All prior to 1.5c2
          Later versions have no reported vulnerabilities
          but you should consider upgrading.
Module:   bbd.c (the bb server: BBDISPLAY/BBPAGER)
Affects:  All BBDISPLAY/BBPAGER hosts (those running bbd)
          Clients are *not* affected.
Summary:  Vulnerabilities exist such that arbitrary commands can be
          executed with the same userid/permissions as the user
          running bbd.

Fix:      Download and install the latest version from http://bb4.com

          or

          versions 1.4g to 1.5c1, in bbd.c:

          add this statement

              /*** Read this as backquote dollarsign        ***/
              /***     semi-colon ampersand vertical_bar    ***/
              /***     backslash backslash                  ***/
              clean_string(msgbuf,"`$;&|\\");

          before this one

              do_bb(msgbuf);

          versions prior to 1.4g

          add this function in bbd.c

              void clean_string(str,rm_chars)
              char *str;
              char *rm_chars;
              {
                  char *tmpstr;

                  while( *rm_chars )
                  {
                      while( tmpstr=(char *)strchr(str,*rm_chars) )
                      {
                          *tmpstr = ' ';
                      }
                      rm_chars++;
                  }
              }

          and add this statement

              /*** Read this as backquote dollarsign        ***/
              /***     semi-colon ampersand vertical_bar    ***/
              /***     backslash backslash                  ***/
              clean_string(msgbuf,"`$;&|\\");

          before this statement

              do_bb(msgbuf);

          Recompile bbd (make) and reinstall (make install).

          YMMV !

          The clean_string(msgbuf,"`$;&|\\"); statement that removes
          the '&' character will disable some display functionality
          in BB but it's very minor. Upgrade to the latest version if
          you want a full working version.

Note:     BB should not be run as root!

          Those that compiled in the enable/disable feature *should*
          upgrade to the latest version or disable the enable/disable
          feature (recompile bbd without the -DENABLE_DISABLE flag).

          Particularly vulnerable are the servers that are not
          protected by firewalls (nothing new!), that do not use the
          etc/security file and use the enable/disable feature
          (optional and user compiled-in) and those that keep
          historical logs (default).
Found by: Andrew Dalgleish, Thanks!

---
Robert-Andre Croteau
BB4 Technologies Inc.
security () bb4 com
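An ANSI C rendering of the sanitizing step described in the notice, added here as an illustration and not Big Brother's own code: it applies the same character set in a single pass and returns the number of replaced bytes, so a server could log messages that carried shell metacharacters. The names clean_string_count, BB_UNSAFE_CHARS and check_sample, and the sample text, are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* Character set from the notice: ` $ ; & | \ */
#define BB_UNSAFE_CHARS "`$;&|\\"

/* Replace every byte of str found in rm_chars with a space (same effect as
 * the notice's clean_string) and return how many bytes were replaced, so
 * the caller can log messages that carried shell metacharacters. */
size_t clean_string_count(char *str, const char *rm_chars)
{
    size_t replaced = 0;
    char *p = str;

    if (str == NULL || rm_chars == NULL)
        return 0;
    /* strcspn() jumps to the next listed byte or to the terminator. */
    while (*(p += strcspn(p, rm_chars)) != '\0') {
        *p++ = ' ';
        replaced++;
    }
    return replaced;
}

/* Hypothetical helper: sanitize a copy of in and compare with expectations. */
int check_sample(const char *in, const char *expect, size_t expect_n)
{
    char buf[256];

    if (strlen(in) >= sizeof buf)
        return 0;
    strcpy(buf, in);
    return clean_string_count(buf, BB_UNSAFE_CHARS) == expect_n
        && strcmp(buf, expect) == 0;
}

int main(void)
{
    /* Constructed sample text, not captured Big Brother traffic. */
    char msg[] = "status host.conn green &green up `x`;a|b\\c $v";
    size_t n = clean_string_count(msg, BB_UNSAFE_CHARS);

    if (n > 0)
        fprintf(stderr, "replaced %lu unsafe byte(s)\n", (unsigned long)n);
    printf("%s\n", msg);
    return 0;
}
```

The '&' in the sample is replaced along with the other characters, which is the display side effect the notice mentions.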