Re: Major security-hole in kerberos rsh, rcp and rlogin.

Matt (panzer@DHP.COM)
Tue, 04 Nov 1997 19:25:37 +0000 (GMT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Tony Hagale: "FreeBSD Security Advisory: FreeBSD-SA-97:05.open"

In mail.bugtraq Richard Levitte - VMS Whacker <LeViMS@STACKEN.KTH.SE> wrote:
: To remove some of the panic: to activate the bug, it is required that
: there are valid tickets for the target user laying around somewhere on
: your system (usually in /tmp/).

Why not remove some more of the panic and actually describe what is wrong.
Buffer overflow? Bad assumptions of environmental variables. Follows
links in /tmp? Etc. This would at least help other people look for
solutions (and/or bugs in other versions of kerberos). Your option to
include "exploitz" or not, but at least a description slightly more then
"kerberos is insecure".

: The bug is still a very serious one.
This list used to be "full-disclosure", or at least slightly.

--
 -Matt (panzer@dhp.com)  --  DataHaven Project - http://www.dhp.com/
  "That which can never be enforced should not be prohibited."

Next message: Tony Hagale: "FreeBSD Security Advisory: FreeBSD-SA-97:05.open"