On Thu, Mar 10, 2005 at 07:30:31PM +0100, Martin Schulze wrote: > Exploit: > > There are a few known exploits for distcc. By using a common method > provided by metasploit (http://metasploit.com/projects/Framework/ > exploits.html#distcc_exec), I was given full access to the remote users > home folder via telnet.
One should note that according to the upstream website this only affects users running the distcc deamon accepting direct TCP connections which is "insecure by design". Users in untrusted networks should use ssh for authentication. (Source: http://distcc.samba.org/security.html) The insecurity of the TCP mode is documented in the man page: "TCP connections should only be used on secure networks because there is no user authentication or protection of source or object code." Not making any conclusions, just adding some facts. Gruesse, -- Frank Lichtenheld <[EMAIL PROTECTED]> www: http://www.djpig.de/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
