Re: IMPORTANT FOR lukemftpd USERS (was Re: FreeBSD Security Advisory FreeBSD-SA-03:08.realpath)
From: Jacques A. Vidrine (nectar_at_FreeBSD.org)
Date: Mon, 4 Aug 2003 18:13:22 -0500
To: freebsd-security@FreeBSD.org
On Mon, Aug 04, 2003 at 05:35:11PM -0500, Jacques A. Vidrine wrote:
> I have a correction to make regarding the above text. In the case of
> lukemftpd (and lukemftpd only), in some situations the vulnerability
> may be used to execute code with _superuser privileges_.
> If lukemftpd is NOT invoked with `-r', then it does NOT completely
> drop privileges when a user logs in. Thus, a successful exploit will
> be able to regain superuser privileges.
(By the way, it was Robert Watson <rwatson@FreeBSD.org> who encouraged
me to look at this a second time.)
> I would normally immediately publish a revised advisory with this
> additional information, however lukemftpd is neither built nor
> installed by default. Since that is the case, I will probably wait a
> few days before revision in case further useful information comes to
Colin Percival <firstname.lastname@example.org> pointed out that
lukemftpd actually *did* ship with 4.7-RELEASE (!!), so I will be
sending out a revision sooner rather than later.
-- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal
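The point of the correction is that a lukemftpd started without `-r' keeps root privileges after login. The following is an added example (not from the mail or the FreeBSD project) that reviews inetd.conf-style lines and reports active lukemftpd entries lacking `-r'; the sample lines are constructed, and the seven-field inetd.conf layout (service, socket, proto, wait, user, program, args) is assumed.

```shell
#!/bin/sh
# Constructed sample of inetd.conf lines (not taken from any real host).
# Fields: service socket proto wait user program args...
SAMPLE_INETD='#ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
ftp stream tcp nowait root /usr/libexec/lukemftpd ftpd -l -r
ftp stream tcp6 nowait root /usr/libexec/lukemftpd ftpd -l'

# Print each active lukemftpd entry whose arguments do not contain -r
# (a combined flag such as -lr counts as restricted). Prints nothing
# when every lukemftpd entry is started with -r.
find_unrestricted_lukemftpd() {
    printf '%s\n' "$1" | while IFS= read -r line; do
        case "$line" in
            '#'*|'') continue ;;     # commented-out or blank line
        esac
        case "$line" in
            *lukemftpd*) ;;          # only lukemftpd entries matter
            *) continue ;;
        esac
        # Split into fields; anything after the program path is its argv.
        set -- $line
        [ $# -ge 7 ] || continue     # malformed line, skip it
        shift 6
        restricted=no
        for arg in "$@"; do
            case "$arg" in
                -*r*) restricted=yes ;;
            esac
        done
        [ "$restricted" = "no" ] && printf '%s\n' "$line"
    done
    return 0
}
```

On a real system the same function can be fed the contents of /etc/inetd.conf; each line it prints is an ftpd that will not drop privileges on login.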