On Mon, Jan 08, 2001 at 03:07:26PM -0500, Bob Bernstein wrote: > > On Mon, 8 Jan 2001 19:14:53 +0100, Wichert Akkerman opined: > > > We're aware of it and looking into this at the moment, as well as > > checking if there are other similar problems we might have missed. > > Since this vulnerability is now "in the wild," so to speak, due to this > very discussion, isn't it a good idea to make an announcement to the > effect that at the very least fping should have its setuid root > removed?
well it works with traceroute too and others, it's not a problem with fping . i tried it on a rh 6.2 :-( with glibc 2.1 and i can confirm it doesn't work Samuele -- Samuele Tonon <[EMAIL PROTECTED]> Undergraduate Student of Computer Science at University of Bologna, Italy System administrator at Computer Science Lab's, University of Bologna, Italy Founder & Member of A.A.H.T. UIN 3155609 Acid -- better living through chemistry. Timothy Leary