From owner-freebsd-security Thu Jul 19 22:47:57 2001 Delivered-To: freebsd-security@freebsd.org Received: from science.slc.edu (Science.SLC.Edu [198.83.6.248]) by hub.freebsd.org (Postfix) with ESMTP id 95D1337B406 for ; Thu, 19 Jul 2001 22:47:54 -0700 (PDT) (envelope-from aschneid@science.slc.edu) Received: (from aschneid@localhost) by science.slc.edu (8.11.0/8.11.0) id f6K5mp585864; Fri, 20 Jul 2001 01:48:51 -0400 (EDT) (envelope-from aschneid) Date: Fri, 20 Jul 2001 01:48:51 -0400 From: Anthony Schneider To: Chris Byrnes Cc: Cy Schubert - ITSD Open Systems Group , Richard Lucas , security@FreeBSD.ORG Subject: Re: [PATCH] Re: FreeBSD remote root exploit ? Message-ID: <20010720014851.A85841@mail.slc.edu> References: <200107192104.f6JL4GX00992@cwsys.cwsent.com> <20010719233443.T50064-100000@awww.jeah.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010719233443.T50064-100000@awww.jeah.net>; from chris@jeah.net on Thu, Jul 19, 2001 at 11:35:01PM -0500 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org cd /usr/src/crypto/telnet/telnetd patch -p < /path/to/patch cd /usr/src/secure/libexec/telnetd make mv /usr/libexec/telnetd /usr/libexec/telnetd.hole cp telnetd /usr/libexec/telnetd kill -HUP `cat /var/run/inetd.pid` That should work just fine. -Anthony. On Thu, Jul 19, 2001 at 11:35:01PM -0500, Chris Byrnes wrote: > I think this patching and merging needs to take place ASAP, and very > publially, because it appears everyone, including me, is very confused. > > > Chris Byrnes, Managing Member > JEAH Communications, LLC > > On Thu, 19 Jul 2001, Cy Schubert - ITSD Open Systems Group wrote: > > > In message <20010719152558.G24980-100000@mx2.threeh.com>, Richard Lucas > > writes: > > > Ok in the emails I've read so far there has been 3 different paths listed > > > on where to apply this patch. Can someone say for sure where it goes? > > > > > > /usr/src/crypo/telnet/telnetd/ > > > /usr/src/libexec/telnetd/ > > > /usr/src/secure/libexec/telnetd/ > > > > > > I have nothing in the last one except a Makefile so obviously that isn't > > > going to work. > > > > The patch should be applied to /usr/src/crypto/telnet/telnetd. As I > > understand it, the other telnetd's will have patches applied/issued > > shortly and subsequently a merging of telnetd's will take place. > > > > > > Regards, Phone: (250)387-8437 > > Cy Schubert Fax: (250)387-5766 > > Team Leader, Sun/Alpha Team Internet: Cy.Schubert@osg.gov.bc.ca > > Open Systems Group, ITSD, ISTA > > Province of BC > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message