On Wed, Jul 18, 2001 at 03:42:26PM +0200, Jerzy Wolinski wrote: > I found some local root exploit (source and binary). I have run it on some > test system. It works on Debian 2.2r2 From source I can see that it uses > passwd program, but I have no knowlegde and no time to search how it really > works. On debian security alert pages I see nothing about passwd. What should > I do?
Hmm. I would've thought r2 covered all the glibc exploits. Perhaps if you give your exact glibc version (dpkg -l libc6) and a pointer to the exploit (if it's public) then we'll be able to give you an answer. -- Colin Phipps PGP 0x689E463E http://www.netcraft.com/
