[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Serious security flaw in OpenBSD 2.5 -- ordinary user can foirce open telnet back door on an arbitrary port number (fwd)

To: tech_(_at_)_openbsd_(_dot_)_org
Subject: Re: Serious security flaw in OpenBSD 2.5 -- ordinary user can foirce open telnet back door on an arbitrary port number (fwd)
From: simond_(_at_)_irrelevant_(_dot_)_org
Date: Thu, 16 Sep 1999 17:42:00 +0100

On Thu, Sep 16, 1999 at 09:35:43PM +0600, CyberPsychotic wrote:
> Anyone cares to check this case? Knowing CM I would think that this is
> just another funky-punky thing. The only possibilty here I see is that
> either her brothers own root on her box and altered kernel to hide their
> code, or they own either smtp uid (and run their code which is shown as
> smtp daemon in process table) or test uid (and run their code as bash). I
> see no other way around here (at least with the data, she provided).

Personally I'd guess that someone has installed a hacked ps, netstat,
etc as per the old root toolkit which hides a certain uids info from
other users.

-- 
Simon Dick					simond_(_at_)_irrelevant_(_dot_)_org

References:
- Serious security flaw in OpenBSD 2.5 -- ordinary user can foirce open telnet back door on an arbitrary port number (fwd)
  - From: CyberPsychotic

Prev by Date: I'm root but I got no power :-(
Next by Date: Installation Problems with old and new boot disks
Previous by thread: Serious security flaw in OpenBSD 2.5 -- ordinary user can foirce open telnet back door on an arbitrary port number (fwd)
Next by thread: I'm root but I got no power :-(
Index(es):
- Date
- Thread

Visit your host, monkey.org