Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: procfs hole
From: brian () FIREHOUSE NET (Brian Mitchell)
Date: Sun, 10 Aug 1997 14:38:41 -0400

On Sun, 10 Aug 1997, Jonathan A. Zdziarski wrote:


This would be a horrible solution. Someone is just going to chose another
function to overwrite and do a setuid(0) and execve() of some shell.


Would disabling bash and sh (and any other shells that allowed this) be a
good temporary solution?  I've noticed you have to have it set as your
default shell, so removing it from /etc/shells could prevent this.  It's
either that or disbale procfs (and I'm still not sure what the effects of
that would be)


-------------------------------------------------------------------------
Jonathan A. Zdziarski                                NetRail Incorporated
Server Engineering Manager                    230 Peachtree St. Suite 500
jonz () netrail net                                        Atlanta, GA 30303
http://www.netrail.net                                    (888) - NETRAIL
-------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]