|
Bugtraq
mailing list archives
Re: Potential security problem with mtr
From: viktor () DTEK CHALMERS SE (Viktor Fougstedt)
Date: Sat, 4 Mar 2000 21:13:03 +0100
On Sat, 4 Mar 2000, Rogier Wolff wrote:
Viktor Fougstedt wrote:
mtr-0.28 seems to be a standard package in some Linux distributions,
but it is not known whether it is installed setuid-root.
0.41 is current.
0.41 was the version I tried. I'm sorry I didn't make that
clearer. The mentioning of 0.28 comes from the fact that that is the
version distributed with Debian. 0.41 has the same problem, though.
The authors have been contacted, but no reply has been received. The
latest version is from Aug 19 1999, and I am uncertain whether mtr is
still being actively developed.
I'm the maintainer. I haven't been contacted. Viktor, may I ask you to
do your homework a bit better next time?
You may certainly. According to the file AUTHORS in the 0.41
distribution, bug reports should be sent to the mtr mailing list. And
the file README in the same tarball gives this address as
mtr () lists xmission com I sent a message to that address on Wed, 2 Feb
2000 20:13:40 +0100. I received no response to that mail. If this was
not the correct address, may I ask that the information in the AUTHORS
and README files be updated to contain correct information?
/Viktor...
--| Viktor Fougstedt, system administrator at dtek.chalmers.se |--
--| http://www.dtek.chalmers.se/~viktor/ |--
--| ...soon we'll be sliding down the razor blade of life. /Tom Lehrer |--
 By Date 
By Thread
Current thread:
Aol Instant Messenger DoS vulnerability hi im cruz (Mar 03)
TrendMicro OfficeScan, numerous security holes, remote files modification. Captain'z root (Mar 03)
Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Lamagra Argamal (Mar 03)
|
Intro
