Date: Wed, 4 Oct 2000 13:15:55 -0400 From: "John" <john@digitalinet.com> To: "Mike Tancsa" <mike@sentex.net>, "Warner Losh" <imp@village.org> Cc: <freebsd-security@FreeBSD.ORG> Subject: Re: Fwd: BSD chpass Message-ID: <008001c02e26$c20c6100$03030303@dns> References: <4.2.2.20001004011210.035225e0@mail.sentex.net> <200010041719.LAA37604@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
chmod a-s /usr/bin/chpass or chmod 700 /usr/bin/chpass Solution or not ? I believe that will work out just fine. ----- Original Message ----- From: "Warner Losh" <imp@village.org> To: "Mike Tancsa" <mike@sentex.net> Cc: <freebsd-security@FreeBSD.ORG> Sent: Wednesday, October 04, 2000 1:19 PM Subject: Re: Fwd: BSD chpass > In message <4.2.2.20001004011210.035225e0@mail.sentex.net> Mike Tancsa writes: > : OK, here is a nasty bugtraq posting :-( > > There will be an advisory about this, but the short answer is: > o 1.x is NOT vulnerable > o 2.x, and 3.x through 3.5.1-RELEASE and 4.0-RELEASE are vulnerable > o 4.1-RELEASE and 4.1.1-RELEASE are NOT vulnerable > o 2.1.x-stable, 2.2.8-stable and 3.5.1-stable have been fixed as > of 8 hours ago. > > Warner > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?008001c02e26$c20c6100$03030303>