Date: Tue, 25 Jun 1996 11:40:15 +0200 (MET DST) From: torstenb@solar.tlk.com (Torsten Blum) To: gpalmer@freebsd.org (Gary Palmer) Subject: Re: I need help on this one - please help me track this guy down! Message-ID: <m0uYUeO-00022NC@solar.tlk.com> In-Reply-To: <27780.835661925@palmer.demon.co.uk> from Gary Palmer at "Jun 25, 96 01:18:45 am"
index | next in thread | previous in thread | raw e-mail
Gary Palmer wrote: > [ CC: Trimmed ] > > > Yeah, that's the real question is like if he can transfer the > > binary from another machine and have it work... other people can do the > > same thing and gain access to FreeBSD boxes as root as long as they have > > a account on that machine... > > Sort of. You need root access in the first place to create a suid root > shell... It could be an old exploit that is now closed (like the > mount_union loophole)... Or the telnetd environment hole - it was possible to become root via telnet without an account on the target machine. -tbhelp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m0uYUeO-00022NC>