[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <200504211821.j3LIL3fE005400@turing-police.cc.vt.edu>
Date: Thu Apr 21 19:21:22 2005
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: bitchx exploit
On Thu, 21 Apr 2005 10:24:06 PDT, Andrew Farmer said:
> I have never, ever seen BitchX installed suid, and there's no reason
> it would be. SSL clients work just fine without suid.
I'm sure there's *plenty* of places that managed to botch permissions on some
file or other, causing SSL to not work correctly, and then they chmod +s
things that don't work because they know how to wave a dead chicken over
the CPU, but they don't know how to *FIX* things.
Consider a box that some idiot has done a 'chmod 640 /usr/lib/libssl*'.....
(I've not personally seen a BitchX installed this way, but I've seen enough
OTHER stuff to convince me it's probably happening. Even came across a setUID
/bin/ls that the sysadmin-monkey had done - and I've seen a *vendor* ship a
set-UID /bin/tar (so it could set the correct owner/group when extracting).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050421/fe6fb8fa/attachment.bin
Powered by blists - more mailing lists