[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: BSDi 3.0/4.0 rcvtty gid=tty exploit... (mh package)

To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Re: BSDi 3.0/4.0 rcvtty gid=tty exploit... (mh package)
From: Dan Harkless <dan-bugtraq@DILVISH.SPEED.NET>
Date: Thu, 30 Nov 2000 20:56:35 -0800

Chris Sharp <v9@FAKEHALO.ORG> writes:
> well, i dont know if rcvtty is suppost to be
> setgid in general, since ive never seen it setgid
> on anything but BSDi 3.0 and 4.0.  but
> none-the-less, here is a exploit i wrote for it:

In nmh (mh's actively-maintained descendant), at least, rcvtty is not
installed setgid.  Not sure if there's a BSD port of nmh that makes it so,
though.

----------------------------------------------------------------------
Dan Harkless                   | To prevent SPAM contamination, please
dan-bugtraq@dilvish.speed.net  | do not mention this private email
SpeedGate Communications, Inc. | address in Usenet posts.  Thank you.

Prev by Date: Re: Cisco 675 Denial of Service Attack
Next by Date: No Subject
Prev by thread: BSDi 3.0/4.0 rcvtty gid=tty exploit... (mh package)
Next by thread: Nokia firewalls
Index(es):
- Date
- Thread