On Tue, 2003-03-18 at 10:52, Todd Lyons wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> James Sparenberg wrote on Mon, Mar 17, 2003 at 10:30:01PM -0800 :
> >
> > > People are aware of it and working on it already. No ETA yet that I'm
> > > aware of, but there are others that are authoritative on that.
> > One thing I noticed is that it is a local user vulnerability only... not
> > a remote exploit. If someone has my console... They probably won't need
> > something like this to get in/exploit the box. just my 2c.
>
> I thought "local user vulnerability" meant that it also applies to
> people who are ssh'd in to your box because they have a "local" account.

hmmm... other vulnerabilities I've seen when they said local they meant at the console. (like the shutdown -now bug that drops the box to runlevel 1) However in this case you might be right.... since it doesn't seem like it would drop the ethernet connection. But my original thought still holds in this respect. If the user is logged in by ssh they are either an employee I have to trust, (and yes this can be deadly) or my security sucks so bad they broke an account. If they have... there are a bunch of root-kits/exploits available.... so it's time to re-think my security anyway. *grin*

James

>
> Blue skies... Todd
> - --
> Todd Lyons -- MandrakeSoft, Inc. http://www.mandrakesoft.com/
> UNIX was not designed to stop you from doing stupid things, because
> that would also stop you from doing clever things. -- Doug Gwyn
> Mandrake Cooker Devel Version, Kernel 2.4.21-0.13mdk
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (GNU/Linux)
>
> iD8DBQE+d2rqlp7v05cW2woRAsbhAJ0d7/ct/DtpENh/ABs/aOeGLf3ICwCfVA3I
> Dn14XfUuAJmICQR0tPmegbM=
> =QMHk
> -----END PGP SIGNATURE-----
>