Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: /usr/sbin/audlinks vulnerability
From: optyx <optyx () UBERHAX0R NET>
Date: Mon, 8 Jan 2001 19:22:20 -0800

It was never stated you could use audlinks to gain root through
rsh/rlogin.

in my post I said you could use it to clobber (overwrite to clarify
because obviously I have to)

audlinks like many programs doesn't fstat the file it opens with O_RDWR
access properly.

As far as this posing a threat to a systems files, its highly
unlikely.  This was just notice of failure to fstat properly, which could
lead to problems.

And audlinks is executed on boot with static arguements, so this is not
vulnerable.

-Optyx
http://www.uberhax0r.net


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]