From owner-freebsd-security  Wed Jun 26 15:27:54 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id PAA26335
          for security-outgoing; Wed, 26 Jun 1996 15:27:54 -0700 (PDT)
Received: from post.io.org (post.io.org [198.133.36.6])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id PAA26189
          for <freebsd-security@freebsd.org>; Wed, 26 Jun 1996 15:27:26 -0700 (PDT)
Received: from zap.io.org (taob@zap.io.org [198.133.36.81]) by post.io.org (8.7.5/8.7.3) with SMTP id SAA06682; Wed, 26 Jun 1996 18:23:13 -0400 (EDT)
Date: Wed, 26 Jun 1996 18:24:07 -0400 (EDT)
From: Brian Tao <taob@io.org>
To: Guido van Rooij <guido@gvr.win.tue.nl>
cc: freebsd-security@freebsd.org
Subject: Re: CERT Advisory CA-96.12 - Vulnerability in suidperl (fwd)
In-Reply-To: <199606262200.AAA24286@gvr.win.tue.nl>
Message-ID: <Pine.NEB.3.92.960626182306.8402B-100000@zap.io.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Thu, 27 Jun 1996, Guido van Rooij wrote:
>
> We know. This bug was first reported by Paul Traina to CERT.
> Of course we're not going to get into details.

    Yeah, I noticed his name near the end.  Since we're not
vulnerable, what is the exploit?  I mean, if I don't hear it from this
list or CERT, it'll probably show up in Bugtraq or BoS anyway.
--
Brian Tao (BT300, taob@io.org, taob@ican.net)
Systems and Network Administrator, Internet Canada Corp.
"Though this be madness, yet there is method in't"