[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] OT brief note on: CERT AdvisoryCA-2003-25Buffer Overflow in Sendmail

Subject: Re: [cobalt-users] OT brief note on: CERT AdvisoryCA-2003-25Buffer Overflow in Sendmail
From: "Zeffie" <cobaltlist@xxxxxxxx>
Date: Wed Sep 24 21:41:01 2003
Organization: http://www.zeffie.com/
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

> > > it's an issue...  it's often very easy to backdoor
> > > software...  I even built
> > > a su program that sends the ip and passwd away in the mail
> > > for the next time
> > > the /bin/su dialog comes around...  it took about an hour.

> Since I'm the only person in my company with root access, I'd benefit
> greatly being notified when /bin/su dialog is called up.
> That's ingenuity.
> Rich

The thing that becomes really interesting is you can see the passwords and
how much they know...  or just log it.... hec.. anything you want...  I will
see if I can find programming time to change it to a simple notify (mail to
root) with just the current connections to the box...

Zeffie
http://www.zeffie.com/
needing more software to build into raqs

References:
- RE: [cobalt-users] OT brief note on: CERT AdvisoryCA-2003-25Buffer Overflow in Sendmail
  - From: Rich LaBo

Prev by Date: Re: [cobalt-users] OT brief note on: CERT AdvisoryCA-2003-25Buffer Overflow in Sendmail
Next by Date: Re: [cobalt-users] OT brief note on: CERT AdvisoryCA-2003-25Buffer Overflow in Sendmail
Previous by thread: RE: [cobalt-users] OT brief note on: CERT AdvisoryCA-2003-25Buffer Overflow in Sendmail
Next by thread: RE: [cobalt-users] OT brief note on: CERT AdvisoryCA-2003-25Buffer Overflow in Sendmail

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index