From owner-freebsd-security Wed Jul 25 7:35:50 2001 Delivered-To: freebsd-security@freebsd.org Received: from kira.epconline.net (kira2.epconline.net [209.83.132.2]) by hub.freebsd.org (Postfix) with ESMTP id 1733D37B448 for ; Wed, 25 Jul 2001 07:31:36 -0700 (PDT) (envelope-from carock@epconline.net) Received: from therock (betterguard.epconline.net [207.206.185.193]) by kira.epconline.net (8.11.4/8.11.4) with SMTP id f6PEV9P33784 for ; Wed, 25 Jul 2001 09:31:09 -0500 (CDT) From: "Chuck Rock" To: Subject: I'm having problems getting this patch installed.... Date: Wed, 25 Jul 2001 09:31:09 -0500 Message-ID: <005201c11516$72761690$1805010a@epconline.net> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Below is some E-mail from someone who is trying to help me. I'm having problems installing the telnetd patch on my FreeBSD 4.2 release box. Any help appreciated. Thanks, Chuck -----Original Message----- From: Chuck Rock [mailto:carock@epconline.net] Sent: Tuesday, July 24, 2001 3:56 PM To: Mike Tancsa Subject: RE: telnetd root exploit When we set them up, we use the development which is supposed to install the source code... when I ls the /usr/src/crypto, I get the following... README kerberosIV/ openssl/ heimdal/ openssh/ telnet/ In this directory... /usr/src/crypto/telnet/telnetd There are the following files. authenc.c global.c state.c telnetd.c utility.c defs.h pathnames.h sys_term.c telnetd.h ext.h slc.c telnetd.8 termstat.c This is FreeBSd 4.2 Release which the patch is supposed to work for as well. Thanks for you help. Chuck > -----Original Message----- > From: Mike Tancsa [mailto:mike@sentex.net] > Sent: Tuesday, July 24, 2001 3:40 PM > To: Chuck Rock > Subject: RE: telnetd root exploit > > > > Do you have the source code on your server ? > > ---Mike > > At 03:40 PM 7/24/01 -0500, Chuck Rock wrote: > >OK, I'm sorry I didn't read the entire post, but when trying the patch, I > >get the following. > > > >Here's the instructions for me listed in the advisory... > ># cd /usr/src/ > ># patch -p < /path/to/patch > ># cd /usr/src/libexec/telnetd > ># make depend && make all install > > > >When I type in the patch -p line, I get... > > > >Hmm... Looks like a unified diff to me... > >The text leading up to this was: > >-------------------------- > >|Index: libexec/telnetd/ext.h > >|=================================================================== > >|RCS file: /home/ncvs/src/libexec/telnetd/ext.h,v > >|retrieving revision 1.8 > >|retrieving revision 1.10 > >|diff -u -r1.8 -r1.10 > >|--- libexec/telnetd/ext.h 2000/11/19 10:01:27 1.8 > >|+++ libexec/telnetd/ext.h 2001/07/23 22:00:51 1.10 > >-------------------------- > >File to patch: > > > >How do I answer this? I'm assuming libexec/telnetd/ext.h, but I > don't want > >to screw it up. > > > >Thanks, > >Chuck > > > > > -----Original Message----- > > > From: owner-freebsd-security@FreeBSD.ORG > > > [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Mike Tancsa > > > Sent: Tuesday, July 24, 2001 12:48 PM > > > To: Chuck Rock; security@FreeBSD.ORG > > > Subject: RE: telnetd root exploit > > > > > > > > > At 12:42 PM 7/24/01 -0500, Chuck Rock wrote: > > > >OK, is there a how to page for installing these patches? > They aren't self > > > >evident, and the search on FreeBSD.org keeps bringing up > results from the > > > >commiters handbook... > > > > > > There are instructions in the advisory. What part are you > stuck on ? i.e. > > > post the steps you took, and where you ran into trouble. > > > > > > ---Mike > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message