Re: [PATCH] Re: FreeBSD remote root exploit ?

From: Adam (bsdx@looksharp.net)
Date: 07/29/01

• Next message: Jon Loeliger: "Re: Some Followup on that ypchfn mess of mine"
• Previous message: Clemens Hermann: "proxy recommendation"
• In reply to: alexus: "Re: [PATCH] Re: FreeBSD remote root exploit ?"
• Next in thread: Igor Roshchin: "Re: [PATCH] Re: FreeBSD remote root exploit ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 29 Jul 2001 13:40:26 -0400 (EDT)
From: Adam <bsdx@looksharp.net>
To: alexus <ml@db.nexgen.com>

Looks to me like it was already compiled so it just installed it. Try
make clean first

On Thu, 19 Jul 2001, alexus wrote:

>su-2.05# cd /usr/src/libexec/telnetd/
>su-2.05# make all install
>install -c -s -o root -g wheel -m 555 telnetd /usr/libexec
>install -c -o root -g wheel -m 444 telnetd.8.gz /usr/share/man/man8
>su-2.05#
>
>hmm that's it? seems like too short compilation .. is it supposed to be like
>this?
>
>----- Original Message -----
>From: "Chris Byrnes" <chris@jeah.net>
>To: "alexus" <ml@db.nexgen.com>
>Cc: <security@FreeBSD.ORG>
>Sent: Thursday, July 19, 2001 1:39 PM
>Subject: Re: [PATCH] Re: FreeBSD remote root exploit ?
>
>
>root# cd /usr/src/libexec/telnetd ; make all install ; killall -HUP inetd
>
>
>Chris Byrnes, Managing Member
>JEAH Communications, LLC
>
>On Thu, 19 Jul 2001, alexus wrote:
>
>> uh. ok:)
>>
>> this part is done.. should i recompile telnetd now somehow? if so then
>> how?:)
>>
>> ----- Original Message -----
>> From: "Pierre-Luc Lespérance" <silence@oksala.org>
>> To: <security@FreeBSD.ORG>
>> Sent: Thursday, July 19, 2001 1:28 PM
>> Subject: Re: [PATCH] Re: FreeBSD remote root exploit ?
>>
>>
>> > alexus wrote:
>> > >
>> > > could you also include some sort of instruction how to apply it?
>> > >
>> > > thanks in advance
>> > >
>> > > ----- Original Message -----
>> > > From: "Ruslan Ermilov" <ru@FreeBSD.ORG>
>> > > To: "Przemyslaw Frasunek" <venglin@freebsd.lublin.pl>
>> > > Cc: <security@FreeBSD.ORG>
>> > > Sent: Thursday, July 19, 2001 1:14 PM
>> > > Subject: [PATCH] Re: FreeBSD remote root exploit ?
>> > >
>> > > > On Thu, Jul 19, 2001 at 11:03:53AM +0200, Przemyslaw Frasunek wrote:
>> > > > > > Posted to bugtraq is a notice about telnetd being remotely root
>> > > > > > exploitable. Does anyone know if it is true ?
>> > > > >
>> > > > > Yes, telnetd is vulnerable.
>> > > > >
>> > > > The patch is available at:
>> > > >
>> > > > http://people.FreeBSD.org/~ru/telnetd.patch
>> > > >
>> > > >
>> > > > Cheers,
>> > > > --
>> > > > Ruslan Ermilov Oracle Developer/DBA,
>> > > > ru@sunbay.com Sunbay Software AG,
>> > > > ru@FreeBSD.org FreeBSD committer,
>> > > > +380.652.512.251 Simferopol, Ukraine
>> > > >
>> > > > http://www.FreeBSD.org The Power To Serve
>> > > > http://www.oracle.com Enabling The Information Age
>> > > >
>> > > > To Unsubscribe: send mail to majordomo@FreeBSD.org
>> > > > with "unsubscribe freebsd-security" in the body of the message
>> > > >
>> > >
>> > > To Unsubscribe: send mail to majordomo@FreeBSD.org
>> > > with "unsubscribe freebsd-security" in the body of the message
>> > go to /usr/src/crypto/telnet/telnetd
>> > and type
>> > shell~# patch -p < /where/is/the/file.patch
>> >
>> > To Unsubscribe: send mail to majordomo@FreeBSD.org
>> > with "unsubscribe freebsd-security" in the body of the message
>> >
>>
>>
>> To Unsubscribe: send mail to majordomo@FreeBSD.org
>> with "unsubscribe freebsd-security" in the body of the message
>>
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-security" in the body of the message
>
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-security" in the body of the message
>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: Jon Loeliger: "Re: Some Followup on that ypchfn mess of mine"
• Previous message: Clemens Hermann: "proxy recommendation"
• In reply to: alexus: "Re: [PATCH] Re: FreeBSD remote root exploit ?"
• Next in thread: Igor Roshchin: "Re: [PATCH] Re: FreeBSD remote root exploit ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: [PATCH] Re: FreeBSD remote root exploit ? ... > su-2.05# make all install ... > hmm that's it? ... seems like too short compilation .. ... > On Thu, 19 Jul 2001, alexus wrote: ... (FreeBSD-Security) Re: [PATCH] Re: FreeBSD remote root exploit ? ... >alexus wrote: ... >> su-2.05# make all install ... >> hmm that's it? ... seems like too short compilation .. ... (FreeBSD-Security) fault installing DBD::mysql in solaris 9 ... people said that a new mysql server compiled by them solved the problem ... I configure the make as it was recommended by the install document ... detection includes or libraries problems. ... The GD module I compiled again, with the fixed compilation ... (comp.lang.perl.modules) Installing DjVu plug-in ... I had an unsuccessful attempt to install DjVuLibre -3.5.17 plug-in on ... bash: Gyurka@bakacs: command not found ... You can then perform the compilation by typing ... (Fedora) Re: Linux Vs. FreeBSD ... >>> required to install a binary under ideal conditions. ... an automated compilation system is an ... > good way to handle very small packages where the amount of time needed ... daily updates typically take about 1.5 ... (comp.os.linux.misc)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint