From owner-freebsd-security  Thu Jul 19 10:10:32 2001
Delivered-To: freebsd-security@freebsd.org
Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65])
	by hub.freebsd.org (Postfix) with ESMTP
	id 6214937B405; Thu, 19 Jul 2001 10:10:21 -0700 (PDT)
	(envelope-from ru@whale.sunbay.crimea.ua)
Received: (from ru@localhost)
	by whale.sunbay.crimea.ua (8.11.2/8.11.2) id f6JHA9E64003;
	Thu, 19 Jul 2001 20:10:09 +0300 (EEST)
	(envelope-from ru)
Date: Thu, 19 Jul 2001 20:10:09 +0300
From: Ruslan Ermilov <ru@FreeBSD.ORG>
To: Assar Westerlund <assar@FreeBSD.ORG>
Cc: "Jacques A. Vidrine" <n@nectar.com>,
	Matt Dillon <dillon@earth.backplane.com>,
	Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>,
	Mike Tancsa <mike@sentex.net>, Kris Kennaway <kris@obsecurity.org>,
	security@FreeBSD.ORG
Subject: Re: FreeBSD remote root exploit ?
Message-ID: <20010719201009.A61061@sunbay.com>
Mail-Followup-To: Assar Westerlund <assar@FreeBSD.ORG>,
	"Jacques A. Vidrine" <n@nectar.com>,
	Matt Dillon <dillon@earth.backplane.com>,
	Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>,
	Mike Tancsa <mike@sentex.net>, Kris Kennaway <kris@obsecurity.org>,
	security@FreeBSD.ORG
References: <200107190547.f6J5lmD66188@cwsys.cwsent.com> <200107190747.f6J7lMU71487@earth.backplane.com> <20010719102230.L27900@madman.nectar.com> <5lpuaw26kt.fsf@assaris.sics.se>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <5lpuaw26kt.fsf@assaris.sics.se>; from assar@FreeBSD.ORG on Thu, Jul 19, 2001 at 07:04:50PM +0200
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Thu, Jul 19, 2001 at 07:04:50PM +0200, Assar Westerlund wrote:
> "Jacques A. Vidrine" <n@nectar.com> writes:
> > Actually, Heimdal's telnetd _is_ vulnerable, but I don't know if it is
> > exploitable.
> 
> I don't know if it's exploitable either.  I don't _think_ so, but I've
> of course fixed the problem anyways.
> 
You mean, in netflush()?


-- 
Ruslan Ermilov		Oracle Developer/DBA,
ru@sunbay.com		Sunbay Software AG,
ru@FreeBSD.org		FreeBSD committer,
+380.652.512.251	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message