From owner-freebsd-security Thu Dec 14 7:48:45 2000 From owner-freebsd-security@FreeBSD.ORG Thu Dec 14 07:48:43 2000 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from secure.smtp.email.msn.com (cpimssmtpu07.email.msn.com [207.46.181.28]) by hub.freebsd.org (Postfix) with ESMTP id 8386E37B400; Thu, 14 Dec 2000 07:48:43 -0800 (PST) Received: from x86w2kl1 - 209.0.249.169 by email.msn.com with Microsoft SMTPSVC; Thu, 14 Dec 2000 07:48:42 -0800 Message-ID: <00c401c0666c$1f63cff0$9207c00a@local> From: "John Howie" To: "Kris Kennaway" , References: <20001214070649.A25429@citusc.usc.edu> Subject: Re: Details of www.freebsd.org penetration Date: Fri, 15 Dec 2000 07:53:32 -0000 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Kris, Any chance you could let us know exactly what 'local root vulnerability' was exploited. As I recall it was originally stated that no weakness in FreeBSD itself had been leveraged. I appreciate that the hacker gained access to the system via CGI (and not a FreeBSD weakness) but once in he/she became root through some other means. Was this vulnerability a configuration issue or simply a known problem that had not been addressed? Thanks, john... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message