Re: Unauthorized access

1998-03-17 Thread William T Wilson
On Mon, 16 Mar 1998, Jeff Hansen wrote: > some buffer to gain a root shell. This exploit is either in inetd or > identd (I am thinking it is in inetd, because identd is run as > 'nobody'). If anyone would like to check out inetd for any holes, I'm surprised that it would be in inetd, since ine

Re: Unauthorized access

1998-03-17 Thread Jeff Hansen
[EMAIL PROTECTED] wrote: > On Mon, 16 Mar 1998, Dave G. wrote: > > > > >> So, someone has a program that connects to the 'auth' port and overflows > >> some buffer to gain a root shell. This exploit is either in inetd or > >> identd (I am thinking it is in inetd, because identd is run as > >> 'n

Re: Unauthorized access

1998-03-17 Thread twm139
On Mon, 16 Mar 1998, Dave G. wrote: > >> So, someone has a program that connects to the 'auth' port and overflows >> some buffer to gain a root shell. This exploit is either in inetd or >> identd (I am thinking it is in inetd, because identd is run as >> 'nobody'). If anyone would like to check

Re: Unauthorized access

1998-03-16 Thread Dave G.
> So, someone has a program that connects to the 'auth' port and overflows > some buffer to gain a root shell. This exploit is either in inetd or > identd (I am thinking it is in inetd, because identd is run as > 'nobody'). If anyone would like to check out inetd for any holes, > please do so a

Unauthorized access

1998-03-16 Thread Jeff Hansen
This message is important to anyone running RedHat Linux 5.0!! There is a serious security problem that I don't believe anyone knows about!! I recently had someone in Moscow, Russia, gain unauthorized access to my system via the auth port. Here is the line from netstat (he hacked my ne