Date: Wed, 22 Mar 2000 12:30:33 -0800 (PST) From: Kris Kennaway <kris@FreeBSD.org> To: =?X-UNKNOWN?Q?Javier_Villari=F1o_Ord=F3=F1ez?= <villar@ceniai.inf.cu> Cc: ports@freebsd.org Subject: Re: Hylafax problems Message-ID: <Pine.BSF.4.21.0003221227370.62120-100000@freefall.freebsd.org> In-Reply-To: <Pine.BSF.3.96.1000322080310.12656C-100000@int.ceniai.inf.cu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 22 Mar 2000, Javier Villari=F1o Ord=F3=F1ez wrote: > When I try to install Hylafax I get that: >=20 > "Security hole (buffer overflow yielding setuid uucp)" >=20 > What is the meaning of that? There is a security hole which allows local users on your system to obtain the privileges of the uucp user, and possibly from there to gain further privileges (possibly including root). I've been told that there's also a network daemon installed by the port - in this case, it might also be vulnerable to a remote attack, but I haven't checked whether this is true or not. Basically, install at your own risk :) Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0003221227370.62120-100000>