Reco wrote: > Bob Proulx wrote: > > Is 'rpcbind' installed by default? I will need to look. I wonder why > > it would be there? > > Part of a NFS client, I guess. Package is not marked as an essential one, > though. Running a diskless client over NFS would be a curious trick > without NFS support enabled.
NFS client is not enabled by default. So that wouldn't be it. I just tried a minimum installation of Debian Wheezy in a VM and rpcbind was not installed. Are you sure it is installed by default? > > CVE-2010-0427 is a local only exploit. (Failure to reset group > > permissions properly.) So it would need to be a locally known user in > > order to exploit it. Not the same as having written the password on a > > T-shirt and wearing it around. > > I fail to see how one could be given an SSH access to the host, be able > to use sudo (and do so successfully), and still not be a local user. > I must miss something here, can you please enlighten me? You said "using outdated sudo is an equivalent to wearing T-shirt with a root password written on it as an end result will be the same." I was refuting that statement. It isn't even close to being the same. Using sudo would require a local user exploit. You seem to agree that it would require a local user to exploit it. Having the root password publicly known does not require a local user. They are not the same class of issue at all. Not even close. Bob
signature.asc
Description: Digital signature
