From owner-freebsd-security  Thu Jul 12 13:11: 1 2001
Delivered-To: freebsd-security@freebsd.org
Received: from db.nexgen.com (db.nexgen.com [66.92.98.149])
	by hub.freebsd.org (Postfix) with SMTP id ED52E37B405
	for <security@freebsd.org>; Thu, 12 Jul 2001 13:10:57 -0700 (PDT)
	(envelope-from ml@db.nexgen.com)
Received: (qmail 88366 invoked from network); 12 Jul 2001 20:10:59 -0000
Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1)
  by localhost.nexgen.com with SMTP; 12 Jul 2001 20:10:59 -0000
Message-ID: <003201c10b0e$c1cab6e0$97625c42@alexus>
From: "alexus" <ml@db.nexgen.com>
To: "serkoon" <serkoon@thedarkside.nl>, <security@freebsd.org>
References: <657B20E93E93D4118F9700D0B73CE3EA02FFEFB7@goofy.epylon.lan> <005701c10af9$bd7a7c20$0200000a@kilmarnock>
Subject: Re: FreeBSD 4.3 local root
Date: Thu, 12 Jul 2001 16:10:54 -0400
Organization: NexGen
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2499.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2499.0000
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

not true

alexus@opt:~$ sh
$ ./vv
vvfreebsd. Written by Georgi Guninski
shall jump to bfbffe70
child=780
login: done


and nothin is happenin



----- Original Message ----- 
From: "serkoon" <serkoon@thedarkside.nl>
To: <security@freebsd.org>
Sent: Thursday, July 12, 2001 1:40 PM
Subject: Re: FreeBSD 4.3 local root


> Somebody said something somewhere:
> 
> > is the binary named 'vv' ?
> > 
> > It has to be.
> 
> The binary doesn't need to be named 'vv', that's bull. 
> 
> However.. there are several reports (myself included)
> of people not being able to succesfully run the exploit
> because of the used shell. Normally I use bash (2.05.?),
> but somebody told me he could succesfully exploit
> the bug using Midnight Commander, so I tried that. 
> 
> It worked for me. So I did a bit thinking and executed
> /bin/sh. That was what was needed to run the exploit
> successfully. No need to change the exploitcode
> or build it as 'vv', just use /bin/sh as shell. 
> 
> Regards.. 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message