[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Serious security flaw in OpenBSD 2.5 -- ordinary user can foirce open telnet back door on an arbitrary port number (fwd)

On Thu, Sep 16, 1999 at 09:35:43PM +0600, CyberPsychotic wrote:
> Anyone cares to check this case? Knowing CM I would think that this is
> just another funky-punky thing. The only possibilty here I see is that
> either her brothers own root on her box and altered kernel to hide their
> code, or they own either smtp uid (and run their code which is shown as
> smtp daemon in process table) or test uid (and run their code as bash). I
> see no other way around here (at least with the data, she provided).

Personally I'd guess that someone has installed a hacked ps, netstat,
etc as per the old root toolkit which hides a certain uids info from
other users.

Simon Dick					simond_(_at_)_irrelevant_(_dot_)_org