On Wed, 18 Jul 2001, Jerzy Wolinski wrote: > I found some local root exploit (source and binary). > I have run it on some test system. It works on Debian 2.2r2
Is it not decieving you like fakeroot does, are you not running the code as a privileged user? > From source I can see that it uses passwd program, > but I have no knowlegde and no time to search how it > really works. > On debian security alert pages I see nothing about passwd. > What should I do? Since you have no knowlegde and no time, little else but to trust the debian security team. [RicV]
