From owner-freebsd-questions  Mon Mar 31 02:00:37 1997
Return-Path: <owner-questions>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id CAA03267
          for questions-outgoing; Mon, 31 Mar 1997 02:00:37 -0800 (PST)
Received: from gdi.uoregon.edu (gdi.uoregon.edu [128.223.170.30])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id CAA03259
          for <freebsd-questions@freebsd.org>; Mon, 31 Mar 1997 02:00:34 -0800 (PST)
Received: from localhost (dwhite@localhost) by gdi.uoregon.edu (8.8.5/8.6.12) with SMTP id CAA00718; Mon, 31 Mar 1997 02:00:32 -0800 (PST)
Date: Mon, 31 Mar 1997 02:00:31 -0800 (PST)
From: Doug White <dwhite@gdi.uoregon.edu>
X-Sender: dwhite@localhost
Reply-To: Doug White <dwhite@resnet.uoregon.edu>
To: maruishi@best.com
cc: freebsd-questions@freebsd.org
Subject: Re: ppp hack ?
In-Reply-To: <199703310100.RAA09893@shell4.ba.best.com>
Message-ID: <Pine.BSI.3.94.970331015936.397c-100000@localhost>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-questions@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Sun, 30 Mar 1997 maruishi@best.com wrote:

> I am running FreeBSD version 2.1.5
> 
> A friend of mine said that there is some type of exploit
> having to do with ppp which allows the "cracker" to gain root.
> 
> Does anyone know about this?

There is a way to exploit a buffer overrun with ppp.  Remove setuid/setgid
and run as root or upgrade.

> Should I upgrade my current version of FreeBSD and/or apply 
> any patches?

If you're on 2.1.5 and can afford some downtime, now would be a good time
to upgrade.

Doug White                              | University of Oregon  
Internet:  dwhite@resnet.uoregon.edu    | Residence Networking Assistant
http://gladstone.uoregon.edu/~dwhite    | Computer Science Major