From owner-freebsd-security  Mon Jul 15 14:11:41 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id OAA16059
          for security-outgoing; Mon, 15 Jul 1996 14:11:41 -0700 (PDT)
Received: from guarany.cpd.unb.br (guarany.cpd.unb.br [164.41.2.1])
          by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id OAA15692
          for <security@freefall.freebsd.org>; Mon, 15 Jul 1996 14:11:04 -0700 (PDT)
Received: from antares.linf.unb.br by guarany.cpd.unb.br (AIX 3.2/UCB 5.64/4.03)
          id AA41856; Mon, 15 Jul 1996 18:04:12 -0300
Received: from centaurus by antares.linf.unb.br (4.1/SMI-4.1)
	id AA15879; Mon, 15 Jul 96 18:12:36 WST
From: e8917523@antares.linf.unb.br (Daniel C. Sobral)
Message-Id: <9607152212.AA15879@antares.linf.unb.br>
Subject: Specific problem???
To: security@freefall.freebsd.org
Date: Mon, 15 Jul 1996 18:12:35 -0400 (WST)
In-Reply-To: <199607152043.NAA09614@freefall.freebsd.org> from "owner-security-digest@freefall.freebsd.org" at Jul 15, 96 01:43:30 pm
Disclaimer: Klaatu Barada Nikto!
X-Mailer: ELM [version 2.4 PL23]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

> From: Nathan Lawson <nlawson@kdat.csc.calpoly.edu>
> Date: Mon, 15 Jul 1996 13:43:06 -0700 (PDT)
> Subject: Please stop CCing FreeBSD-Security
> 
> > Ok, for almost 3 weeks now we at Gaianet have been tracking root hackers 
> > around our box. FINALLY, today at about 3 pm one of them made a BIG BIG 
> > mistake. Fortunately, for us I was around to watch what happened and kill 
> > the user before he was able to erase his history files and the exploit 
> > itself. So here are the files necessary to fix whatever hole this 
> > exploits. We run Freebsd Current so it obviously makes most freebsd 
> > systems vulnerable to a root attack. I appreciate any help you can offer.
> > 
> > John
> > SysAdmin Gaianet
> 
> Please stop sending your local information to freebsd-security!  It is not a 
> forum to discuss your specific system's security problems.

??? I was given the impression that the problem was present, for instance,
in all FreeBSD 2.1.0-R, and possibly the newly released 2.1.5-R. How does
that constitue a "specific system's security problem"?

-- 
Daniel C. Sobral                (8-DCS)
e8917523@linf.unb.br

	* Psychiatric Hospital? And everyone there is an FBI agent? *