Bugtraq mailing list archives

Re: smbd remote file creation vulnerability

From: Michal Zalewski <lcamtuf () bos bindview com>
Date: Wed, 27 Jun 2001 20:11:16 -0400 (EDT)

On Tue, 26 Jun 2001, Joachim Blaabjerg wrote:

No, not directly, but if your `su` uses PAM to authenticate users and
PAM reacts to the spaces in the beginning of the passwd file, it
surely has something to do with PAM. To check whether `su` uses PAM or
not, try "ldd `which su`|grep libpam"


/etc/passwd is not the only place you might want to modify. Think of
rc.local or anything like that.

-- 
_____________________________________________________
Michal Zalewski [lcamtuf () bos bindview com] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=

Current thread:

Re: smbd remote file creation vulnerability, (continued)
- - - Re: smbd remote file creation vulnerability Pavol Luptak (Jun 26)
    - Re: smbd remote file creation vulnerability Simple Nomad (Jun 27)
    - Re: smbd remote file creation vulnerability Olaf Kirch (Jun 28)
    - Re: smbd remote file creation vulnerability Simple Nomad (Jun 28)
    - Re: smbd remote file creation vulnerability Tomek Lipski (Jun 26)
    - Re: smbd remote file creation vulnerability Wichert Akkerman (Jun 27)
    - Re: smbd remote file creation vulnerability Michal Zalewski (Jun 28)
    - Re: smbd remote file creation vulnerability Steve Beattie (Jun 28)
    - Re: smbd remote file creation vulnerability Phil Stracchino (Jun 28)
    - Re: smbd remote file creation vulnerability Joachim Blaabjerg (Jun 27)
    - Re: smbd remote file creation vulnerability Michal Zalewski (Jun 28)
    - Re: smbd remote file creation vulnerability sarnold (Jun 28)
- Re: smbd remote file creation vulnerability Fatal Connect (Jun 25)
  - Re: smbd remote file creation vulnerability Joseph Nicholas Yarbrough (Jun 26)