From owner-freebsd-security Wed Apr 24 15:39:50 2002 Delivered-To: freebsd-security@freebsd.org Received: from apollo.pwhsnet.com (adsl-64-164-36-226.dsl.scrm01.pacbell.net [64.164.36.226]) by hub.freebsd.org (Postfix) with ESMTP id B218837B417 for ; Wed, 24 Apr 2002 15:39:41 -0700 (PDT) Received: (from root@localhost) by apollo.pwhsnet.com (8.11.6/8.11.6) id g3OMZT576659 for freebsd-security@freebsd.org; Wed, 24 Apr 2002 15:35:29 -0700 (PDT) (envelope-from patrick@pwhsnet.com) Received: from zeus (patrick@zeus.pwhsnet.com [192.168.0.3]) by apollo.pwhsnet.com (8.11.6/8.11.6) with SMTP id g3OMZSk76613 for ; Wed, 24 Apr 2002 15:35:28 -0700 (PDT) (envelope-from patrick@pwhsnet.com) Message-ID: <009101c1ebdf$341b4000$0300a8c0@zeus> From: "Patrick O. Fish" To: Subject: su: s/key Date: Wed, 24 Apr 2002 15:27:22 -0700 MIME-Version: 1.0 X-scanner: scanned by Inflex 1.0.12.2 - (http://pldaniels.com/inflex/) Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4807.1700 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I just got back from a vacation today. I had an email from my security officer saying that he was able to use an exploit to get root, and that he patched it (took suid off that file). I goto su, and i get this: patrick@apollo:~$ su s/key 95 snosoft2 Password: I asked him about it, he doesnt know why thats happening. Any ideas? Patrick Fish PWHS Networks ______________________________________ Scanned and protected by Inflex Inflex Scanning software Available at http://pldaniels.com/inflex To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message