Re: su: s/key
From: Jason DiCioccio (geniusj@bluenugget.net)
Date: 04/25/02
- Next message: Johan Karlsson: "Re: FreeBSD Security Advisory FreeBSD-SA-02:23.stdio"
- Previous message: Patrick O. Fish: "su: s/key"
- In reply to: Patrick O. Fish: "su: s/key"
- Next in thread: Patrick O. Fish: "Re: su: s/key"
- Reply: Patrick O. Fish: "Re: su: s/key"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 24 Apr 2002 16:02:11 -0700 From: Jason DiCioccio <geniusj@bluenugget.net> To: "Patrick O. Fish" <patrick@pwhsnet.com>, freebsd-security@freebsd.org
--On Wednesday, April 24, 2002 3:27 PM -0700 "Patrick O. Fish"
<patrick@pwhsnet.com> wrote:
> I just got back from a vacation today. I had an email from my security
> officer saying that he was able to use an exploit to get root, and that he
> patched it (took suid off that file). I goto su, and i get this:
>
> patrick@apollo:~$ su
> s/key 95 snosoft2
> Password:
>
If what you're saying is that when you got back from vacation and tried to
su, you got that s/key prompt, then it looks like someone has already used
the stdio exploit on your box.
Cheers,
-JD-
---- Useless .sig
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- application/pgp-signature attachment: stored
- Next message: Johan Karlsson: "Re: FreeBSD Security Advisory FreeBSD-SA-02:23.stdio"
- Previous message: Patrick O. Fish: "su: s/key"
- In reply to: Patrick O. Fish: "su: s/key"
- Next in thread: Patrick O. Fish: "Re: su: s/key"
- Reply: Patrick O. Fish: "Re: su: s/key"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
