Vulnerability Development mailing list archives
Re: /var/named world writeable in latest slack
From: Michal Zalewski <lcamtuf () DIONE IDS PL>
Date: Thu, 12 Oct 2000 09:54:04 +0200
On Thu, 12 Oct 2000, Jason Storm wrote:
If so, it almost for sure means root compromise, AFAIK. As I recall, config file parsing could cause some overflows...I sincerely doubt the box was hacked </famous last words>; named was never running for one thing (its commented out of rc.inet2 by default), and this was found literally within 2 minutes of the first reboot after the install.
Oh sorry, I didn't meant it! I just believe world-writable /var/named can lead to root compromise, because, as I recall, config-file parsing had some bofs!:) So if it's default Slackware permissions set... ahem, they have made a mistake ;> _______________________________________________________ Michal Zalewski [lcamtuf () tpi pl] [tp.internet/security] [http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};: =-----=> God is real, unless declared integer. <=-----=
Current thread:
- /var/named world writeable in latest slack Jason Storm (Oct 11)
- Re: /var/named world writeable in latest slack Michal Zalewski (Oct 12)
- Re: /var/named world writeable in latest slack Jason Storm (Oct 12)
- Re: /var/named world writeable in latest slack Michal Zalewski (Oct 12)
- Re: /var/named world writeable in latest slack Jason Storm (Oct 12)
- Re: /var/named world writeable in latest slack Dave McLaughlin (Oct 12)
- Re: /var/named world writeable in latest slack Brian Poole (Oct 13)
- <Possible follow-ups>
- Fw: /var/named world writeable in latest slack Dave McLaughlin (Oct 12)
- Re: /var/named world writeable in latest slack Michal Zalewski (Oct 12)