Possible exploit in 5.4-STABLE
Patrick Tracanelli
eksffa at freebsdbrasil.com.br
Fri Jul 1 14:50:55 GMT 2005
[skip]
> to attach the binary, but I'll do it anyway because I don't have
> anything else but that and a readme file. It didn't seem to work (out of
> the box) with 5.4-RELEASE though.
>
> This is a translation from babelfish:
>
> Plain replacement of "standard" su for FreeBSD. It makes it possible to
> become any user (inc. root) with the introduction of any password. For
> this necessary to neglect su with the option "-!". with the use of this
> option does not conduct ravine- files. Was tested on FreeBSD 5.4-STABLE.
>
> My apologies if I am sending in something completely useless and not
> important, but I figured it wouldn't hurt just to make sure.
>
> Cheers,

The attached file needs to be setuid to root, so, someone needed to have
increased privileges before, in order to install this prg. In this case
a one-line C program w/ root setuid would do the same job.
--
Patrick Tracanelli
patrick @ freebsdbrasil.com.br
"Long live Hanin Elias, Kim Deal!"
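As the reply above notes, a replacement su only works if it is installed setuid and owned by root, so it shows up in an inventory of setuid-root files compared against a baseline taken while the system was known good. The following is an added example, not part of the original thread; the function names, the baseline format (path mapped to SHA-256 digest) and the sample paths are assumptions made for illustration.

```python
import hashlib
import os
import stat


def sha256_file(path):
    """Hex SHA-256 of a file, read in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def find_setuid(root, owner_uid=0):
    """Map path -> digest for regular files under root that carry the
    setuid bit and belong to owner_uid (0 = root)."""
    found = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: never follow symlinks
                if (stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_ISUID
                        and st.st_uid == owner_uid):
                    found[path] = sha256_file(path)
            except OSError:
                continue  # vanished or unreadable: skipped, not proven clean
    return found


def compare(baseline, current):
    """Return sorted (status, path) findings: NEW, CHANGED or MISSING."""
    findings = []
    for path, digest in current.items():
        if path not in baseline:
            findings.append(("NEW", path))      # setuid file not in baseline
        elif baseline[path] != digest:
            findings.append(("CHANGED", path))  # same path, replaced content
    findings += [("MISSING", p) for p in baseline if p not in current]
    return sorted(findings)


if __name__ == "__main__":
    # Constructed sample: digests are placeholders, not real FreeBSD values.
    baseline = {"/usr/bin/su": "aaaa", "/usr/bin/passwd": "bbbb"}
    current = {"/usr/bin/su": "cccc", "/usr/bin/passwd": "bbbb", "/tmp/.x/su": "dddd"}
    for status, path in compare(baseline, current):
        print(status, path)
```

Run the scan as root so every setuid file can be read, and keep the baseline somewhere the audited host cannot modify.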
More information about the freebsd-stable mailing list