From owner-freebsd-security  Fri Nov 22 14:23:08 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id OAA21734
          for security-outgoing; Fri, 22 Nov 1996 14:23:08 -0800 (PST)
Received: from pdx1.world.net (pdx1.world.net [192.243.32.18])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA21696;
          Fri, 22 Nov 1996 14:22:13 -0800 (PST)
Received: from suburbia.net (suburbia.net [198.142.2.24]) by pdx1.world.net (8.7.5/8.7.3) with ESMTP id OAA01872; Fri, 22 Nov 1996 14:22:11 -0800 (PST)
Received: (proff@localhost) by suburbia.net (8.7.4/Proff-950810) id IAA13622; Sat, 23 Nov 1996 08:53:49 +1100
From: Julian Assange <proff@suburbia.net>
Message-Id: <199611222153.IAA13622@suburbia.net>
Subject: Re: Futile rexecd holes
To: pst@shockwave.com (Paul Traina)
Date: Sat, 23 Nov 1996 08:53:48 +1100 (EST)
Cc: cschuber@uumail.gov.bc.ca, security-officer@FreeBSD.ORG,
        freebsd-security@FreeBSD.ORG
In-Reply-To: <199611220947.BAA05167@precipice.shockwave.com> from "Paul Traina" at Nov 22, 96 01:47:27 am
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

> 
> After some careful analysis of the rexec/rshd "holes" mentioned in the
> message,  I'm convinced there are no security holes that actually need
> fixing.
> 
> Both exploits, even with tcp spoofing, give you nothing more than spoofing
> directly would do.
> 
> Thanks for the notice though,
> 
> Paul

Except you do not need root. It exploits the trust model, where it could
not be exploited before.


-- 
"Of all tyrannies a tyranny sincerely  exercised for the good of its victims  
 may be the most  oppressive.  It may be better to live under  robber barons  
 than  under  omnipotent  moral busybodies,  The robber baron's  cruelty may  
 sometimes sleep,  his cupidity may at some point be satiated; but those who  
 torment us for own good  will torment us  without end,  for they do so with 
 the approval of their own conscience."    -   C.S. Lewis, _God in the Dock_ 
+---------------------+--------------------+----------------------------------+
|Julian Assange RSO   | PO Box 2031 BARKER | Secret Analytic Guy Union        |
|proff@suburbia.net   | VIC 3122 AUSTRALIA | finger for PGP key hash ID =     |
|proff@gnu.ai.mit.edu | FAX +61-3-98199066 | C7F81C2AA32D7D4E4D360A2ED2098E0D |
+---------------------+--------------------+----------------------------------+