From owner-freebsd-security  Sun Aug 10 13:27:37 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id NAA12608
          for security-outgoing; Sun, 10 Aug 1997 13:27:37 -0700 (PDT)
Received: from netrail.net (netrail.net [205.215.10.3])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id NAA12601
          for <freebsd-security@FreeBSD.ORG>; Sun, 10 Aug 1997 13:27:34 -0700 (PDT)
Received: from localhost (jonz@localhost)
	by netrail.net (8.8.6/8.8.6) with SMTP id QAA04274;
	Sun, 10 Aug 1997 16:26:49 GMT
Date: Sun, 10 Aug 1997 16:26:49 +0000 (GMT)
From: "Jonathan A. Zdziarski" <jonz@netrail.net>
To: Nicole <nicole@mediacity.com>
cc: Brian Mitchell <brian@firehouse.net>, freebsd-security@FreeBSD.ORG
Subject: Re: procfs hole 
In-Reply-To: <Chameleon.871242709.work@blabgoo>
Message-ID: <Pine.BSF.3.95q.970810162634.3062A-100000@netrail.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

You need to store the program in a .c file, then type 'cc -ofilename
filename.c' and compile it


-------------------------------------------------------------------------
Jonathan A. Zdziarski                                NetRail Incorporated
Server Engineering Manager                    230 Peachtree St. Suite 500
jonz@netrail.net                                        Atlanta, GA 30303
http://www.netrail.net                                    (888) - NETRAIL
------------------------------------------------------------------------- 

On Sun, 10 Aug 1997, Nicole wrote:

:
:> There is a major hole in procfs under FreeBSD 2.2.1 (2.1 is not affected,
:> I have not tested 3.x but I believe it to be vulnerable as well) along
:> with OpenBSD (not tested by me, but by someone else -- believe it was
:> 2.1-RELEASE although obsd doesnt mount procfs by default like freebsd
:> does).
:
:
:Hello
: I have tried to run Brians script to test a few servers, however as I am new to some of this, I'm not sure that i am using it 
:correctly and would appreciate any help.
:
: Basicly I have saved the file as a .sh file and am trying to execute it. I am using /bin/sh as my shell.
: The errors I receive are:
:
:u_char: not found
:0x8d,: not found
:0x9a,: not found
:./h.sh: /bin: permission denied
:./h.sh: /bin: permission denied
:u_char: not found
:./h.sh: 15: Syntax error: word unexpected (expecting ")")
:
:
: What stupidly obvious thing am I missing...
:
:
: Thanks
:
:
: Nicole
:
:
:
:
:nicole@mediacity.com    |\ __ /| (`\  http://www.mediacity.com
:Nicole Harrington       | o_o |__ ) ) Phone: 415-237-1464
:                         // \\        Pager: 415-301-2482
:                 Systems Administrator
:------------------------(((---(((-------------------------------------
:* What do you mean Spelling Errors? My Modem is Error Correcting!
:
:A cynic is an idealist who's tired. --
:Courtesy is owed. Respect is earned. Love is given. --
:-----------------------------------------------------------------------
: