Bugtraq mailing list archives

Re: Question about Local vulnerability in libutil derived with FreeBSD.


From: Seth Arnold <sarnold () wirex com>
Date: Fri, 21 Sep 2001 09:45:52 -0700

On Fri, Sep 21, 2001 at 12:31:12PM +0300, Rumen Telbizov wrote:
> I tried the above vulnerability on 2 FreeBSD 4.3-RELEASE
> boxes and it worked out! I tried this on one Linux RH6.2 box
> with OpenSSH installed on it and it DID NOT work.

This latest vulnerability is specific to systems that have implemented
the BSD authentication class scheme. So, as far as I know, the only
systems that could be vulnerable to this particular problem are BSDi,
FreeBSD, OpenBSD, and possibly NetBSD.[1] So far, there have been
confirmations of FreeBSD vulnerability, a compellingly good description
of why OpenBSD is not vulnerable, and (as far as I remember) no feedback
from BSDi or NetBSD.

Until Linux distributors start shipping BSD authentication support,
Linux users ought to remain pretty safe from this problem.

(With the exception of BSDi, I doubt any other commercial unix-like or
unix vendors ship the BSD authentication stuff. As always, ask your
vendor for details. :)

Cheers! :)

[1]: My apologies to our NetBSD friends; I promise I'll give NetBSD a
test drive someday. :)

