Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 19 Jul 2001 13:56:51 -0400 (EDT)
From:      Igor Roshchin <str@giganda.komkon.org>
To:        chris@jeah.net, ml@db.nexgen.com
Cc:        security@FreeBSD.ORG
Subject:   Re: [PATCH] Re: FreeBSD remote root exploit ?
Message-ID:  <200107191756.f6JHupL14475@giganda.komkon.org>
In-Reply-To: <20010719123906.D71473-100000@awww.jeah.net>

next in thread | previous in thread | raw e-mail | index | archive | help

It is /usr/src/crypto/telnet/telnetd that is patched by the patch in question.
/usr/src/libexec/telnetd is not touched.

So, does not seem to be incorrect.

The correct directory would be 
/usr/src/secure/libexec/telnetd

So, 
cd /usr/src/secure/libexec/telnetd
make all
make install
...

However, in my case (4.3-RELEASE) the compile failed,
(the patch seemed to apply cleanly).
Below is make's output.

Igor

...secure/libexec/telnetd#make
Warning: Object directory not changed from original /usr/src/secure/libexec/telnetd
cc -O -pipe  -DLINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON  -DENV_HACK -DAUTHENTICATION -DENCRYPTION  -I/usr/src/secure/libexec/telnetd/../../../crypto/telnet -DINET6 -DNO_IDEA   -c /usr/src/secure/libexec/telnetd/../../../crypto/telnet/telnetd/global.c
cc -O -pipe  -DLINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON  -DENV_HACK -DAUTHENTICATION -DENCRYPTION  -I/usr/src/secure/libexec/telnetd/../../../crypto/telnet -DINET6 -DNO_IDEA   -c /usr/src/secure/libexec/telnetd/../../../crypto/telnet/telnetd/slc.c
cc -O -pipe  -DLINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON  -DENV_HACK -DAUTHENTICATION -DENCRYPTION  -I/usr/src/secure/libexec/telnetd/../../../crypto/telnet -DINET6 -DNO_IDEA   -c /usr/src/secure/libexec/telnetd/../../../crypto/telnet/telnetd/state.c
cc -O -pipe  -DLINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON  -DENV_HACK -DAUTHENTICATION -DENCRYPTION  -I/usr/src/secure/libexec/telnetd/../../../crypto/telnet -DINET6 -DNO_IDEA   -c /usr/src/secure/libexec/telnetd/../../../crypto/telnet/telnetd/sys_term.c
cc -O -pipe  -DLINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON  -DENV_HACK -DAUTHENTICATION -DENCRYPTION  -I/usr/src/secure/libexec/telnetd/../../../crypto/telnet -DINET6 -DNO_IDEA   -c /usr/src/secure/libexec/telnetd/../../../crypto/telnet/telnetd/telnetd.c
cc -O -pipe  -DLINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON  -DENV_HACK -DAUTHENTICATION -DENCRYPTION  -I/usr/src/secure/libexec/telnetd/../../../crypto/telnet -DINET6 -DNO_IDEA   -c /usr/src/secure/libexec/telnetd/../../../crypto/telnet/telnetd/termstat.c
cc -O -pipe  -DLINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON  -DENV_HACK -DAUTHENTICATION -DENCRYPTION  -I/usr/src/secure/libexec/telnetd/../../../crypto/telnet -DINET6 -DNO_IDEA   -c /usr/src/secure/libexec/telnetd/../../../crypto/telnet/telnetd/utility.c
cc -O -pipe  -DLINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON  -DENV_HACK -DAUTHENTICATION -DENCRYPTION  -I/usr/src/secure/libexec/telnetd/../../../crypto/telnet -DINET6 -DNO_IDEA   -c /usr/src/secure/libexec/telnetd/../../../crypto/telnet/telnetd/authenc.c
cc -O -pipe  -DLINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON  -DENV_HACK -DAUTHENTICATION -DENCRYPTION  -I/usr/src/secure/libexec/telnetd/../../../crypto/telnet -DINET6 -DNO_IDEA    -o telnetd global.o slc.o state.o sys_term.o telnetd.o termstat.o utility.o authenc.o  -lutil -ltermcap -L/usr/src/secure/libexec/telnetd/../../lib/libtelnet -ltelnet -lcrypto -lcrypt -lmp
/usr/lib/libtelnet.a(kerberos.o): In function `kerberos4_init':
kerberos.o(.text+0x114): undefined reference to `krb_get_default_keyfile'
/usr/lib/libtelnet.a(kerberos.o): In function `kerberos4_send':
kerberos.o(.text+0x1a6): undefined reference to `krb_get_phost'
kerberos.o(.text+0x1e3): undefined reference to `krb_realmofhost'
kerberos.o(.text+0x21a): undefined reference to `krb_mk_req'
kerberos.o(.text+0x22b): undefined reference to `krb_err_txt'
kerberos.o(.text+0x24d): undefined reference to `krb_get_cred'
kerberos.o(.text+0x25e): undefined reference to `krb_err_txt'
/usr/lib/libtelnet.a(kerberos.o): In function `kerberos4_is':
kerberos.o(.text+0x456): undefined reference to `krb_get_lrealm'
kerberos.o(.text+0x53c): undefined reference to `krb_rd_req'
kerberos.o(.text+0x56c): undefined reference to `krb_err_txt'
kerberos.o(.text+0x5a2): undefined reference to `krb_kntoln'
kerberos.o(.text+0x5c1): undefined reference to `kuserok'
/usr/lib/libtelnet.a(kerberos.o): In function `kerberos4_status':
kerberos.o(.text+0x89e): undefined reference to `kuserok'
*** Error code 1

Stop in /usr/src/secure/libexec/telnetd.








> Date: Thu, 19 Jul 2001 12:39:43 -0500 (CDT)
> From: Chris Byrnes <chris@jeah.net>
> To: alexus <ml@db.nexgen.com>
> Cc: <security@FreeBSD.ORG>
> Subject: Re: [PATCH] Re: FreeBSD remote root exploit ?
>
> root# cd /usr/src/libexec/telnetd ; make all install ; killall -HUP inetd
>
>
> Chris Byrnes, Managing Member
> JEAH Communications, LLC
>
> On Thu, 19 Jul 2001, alexus wrote:
>
> > uh. ok:)
> >
> > this part is done.. should i recompile telnetd now somehow? if so then
> > how?:)
> >
> > ----- Original Message -----
> > From: "Pierre-Luc Lespérance" <silence@oksala.org>
> > To: <security@FreeBSD.ORG>
> > Sent: Thursday, July 19, 2001 1:28 PM
> > Subject: Re: [PATCH] Re: FreeBSD remote root exploit ?
> >
> >
> > > alexus wrote:
> > > >
> > > > could you also include some sort of instruction how to apply it?
> > > >
> > > > thanks in advance
> > > >
> > > > ----- Original Message -----
> > > > From: "Ruslan Ermilov" <ru@FreeBSD.ORG>
> > > > To: "Przemyslaw Frasunek" <venglin@freebsd.lublin.pl>
> > > > Cc: <security@FreeBSD.ORG>
> > > > Sent: Thursday, July 19, 2001 1:14 PM
> > > > Subject: [PATCH] Re: FreeBSD remote root exploit ?
> > > >
> > > > > On Thu, Jul 19, 2001 at 11:03:53AM +0200, Przemyslaw Frasunek wrote:
> > > > > > > Posted to bugtraq is a notice about telnetd being remotely root
> > > > > > > exploitable. Does anyone know if it is true ?
> > > > > >
> > > > > > Yes, telnetd is vulnerable.
> > > > > >
> > > > > The patch is available at:
> > > > >
> > > > > http://people.FreeBSD.org/~ru/telnetd.patch
> > > > >
> > > > >
> > > > > Cheers,
> > > > > --
> > > > > Ruslan Ermilov Oracle Developer/DBA,
> > > > > ru@sunbay.com Sunbay Software AG,
> > > > > ru@FreeBSD.org FreeBSD committer,
> > > > > +380.652.512.251 Simferopol, Ukraine
> > > > >
> > > > > http://www.FreeBSD.org The Power To Serve
> > > > > http://www.oracle.com Enabling The Information Age
> > > > >
> > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > > > with "unsubscribe freebsd-security" in the body of the message
> > > > >
> > > >
> > > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > > with "unsubscribe freebsd-security" in the body of the message
> > > go to /usr/src/crypto/telnet/telnetd
> > > and type
> > > shell~# patch -p < /where/is/the/file.patch
> > >

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200107191756.f6JHupL14475>