On Fri, Mar 03, 2000 at 10:33:51AM -0800, Seth R Arnold wrote:
I tested this on debian's dosemu, Version: 0.98.8-2, (debian woody) and
And more important Debian potato which will be released soon also has the
0.98.8-2 version. The difference is simply that the actual Debian package is
NOT
I tested this on debian's dosemu, Version: 0.98.8-2, (debian woody) and
did not get these results. It seems the debian maintainer (Herbert Xu)
Did The Right Thing in the config file.
:)
* [EMAIL PROTECTED] [EMAIL PROTECTED] [000303 10:28]:
Re all,
Hadn't seen this one around yet, has been on
I note that this has been added to the Vulnerabilities Database on
www.securityfocus.org (#1030) with the following solution:
The system.com program should be removed from the dosemu heirarchy.
I don't think this is adequate. system.com is a fairly short file
(300 bytes), and if a user has
On Thu, Mar 02, 2000 at 04:47:11AM +, [EMAIL PROTECTED]([EMAIL PROTECTED]) wrote:
snip
: Summary:
:
: Local users can take advantage of a packaging and configuration
: error (which has been known and documented for a long time) to
: execute arbitrary commands as root.
:
:
Re all,
Hadn't seen this one around yet, has been on my site for about a week now.
Corel's mailserver bounced me about this IIRC? Whats up Corel?
Cheers.
[EMAIL PROTECTED] - Corel Linux dosemu config error. Local root compromise.
Software: Corel Linux 1.0
