Board index Linux admin

Another Huge Security Hole!

Another Huge Security Hole!

Post by Uri Blumenth » Thu, 26 May 1994 05:08:28



Hi,
        It's Linux-1.1.14. The problem is: when you
        log in as <whoever>, it still gives you UID
        [you guessed it :-] 0.  I.e. to become root
        on Linux-1.1.14,  you just have to login to
        the box...

        Linux-1.1.13 doesn't exhibit such bad behavior.

        No fix yet, as I didn't figure out the cause.
        One thing seems certain - it has nothing to
        to with getty/login/whatever program...The
        new (1.1.14) kernel has your UID==0 always,
        1.1.13 seems to be correct.

        Regards,
        Uri.
------------
<Disclaimer>

 
 
 
Top

Another Huge Security Hole!

Post by Michael Pe » Thu, 26 May 1994 23:11:14


: Hi,
:       It's Linux-1.1.14. The problem is: when you
:       log in as <whoever>, it still gives you UID
:       [you guessed it :-] 0.  I.e. to become root
:       on Linux-1.1.14,  you just have to login to
:       the box...

:       Linux-1.1.13 doesn't exhibit such bad behavior.

:       No fix yet, as I didn't figure out the cause.
:       One thing seems certain - it has nothing to
:       to with getty/login/whatever program...The
:       new (1.1.14) kernel has your UID==0 always,
:       1.1.13 seems to be correct.

:       Regards,
:       Uri.
: ------------
: <Disclaimer>

 
 
 
Top

Another Huge Security Hole!

Post by Erik Ols » Thu, 26 May 1994 11:12:37



>Hi,
>    It's Linux-1.1.14. The problem is: when you
>    log in as <whoever>, it still gives you UID
>    [you guessed it :-] 0.  I.e. to become root
>    on Linux-1.1.14,  you just have to login to
>    the box...

This would appear to be an effect of not doing a "make mrproper" after
upgrading from 1.1.13 to 1.1.14.

   - Erik
--
---


 
 
 
Top

Another Huge Security Hole!

Post by Rob Janss » Thu, 26 May 1994 17:08:45



Quote:>Hi,
>    It's Linux-1.1.14. The problem is: when you
>    log in as <whoever>, it still gives you UID
>    [you guessed it :-] 0.  I.e. to become root
>    on Linux-1.1.14,  you just have to login to
>    the box...
>    Linux-1.1.13 doesn't exhibit such bad behavior.
>    No fix yet, as I didn't figure out the cause.
>    One thing seems certain - it has nothing to
>    to with getty/login/whatever program...The
>    new (1.1.14) kernel has your UID==0 always,
>    1.1.13 seems to be correct.

Not on my system...  Maybe you did install one of the not-so-correct
attempts at fixing the security bug?

Rob
--
-------------------------------------------------------------------------


-------------------------------------------------------------------------

 
 
 
Top

Another Huge Security Hole!

Post by lcvanv.. » Thu, 26 May 1994 17:45:21



> Hi,
>    It's Linux-1.1.14. The problem is: when you
>    log in as <whoever>, it still gives you UID
>    [you guessed it :-] 0.  I.e. to become root
>    on Linux-1.1.14,  you just have to login to
>    the box...

>    Linux-1.1.13 doesn't exhibit such bad behavior.

>    No fix yet, as I didn't figure out the cause.
>    One thing seems certain - it has nothing to
>    to with getty/login/whatever program...The
>    new (1.1.14) kernel has your UID==0 always,
>    1.1.13 seems to be correct.

>    Regards,
>    Uri.
> ------------
> <Disclaimer>

After a first rush of slight panic after reading your mail,
I quickly booted-up linux 1.1.14 and logged in as myself.
My UID is still at 406, so on my machines nothing goes wrong.
I got my 1.1.13 from ftp.helsinki.fi because for some strange
reason my own 1.1.12 woulnd't patch into 1.1.13. Maybe you
also have something like that on your system, only it still
compiles. Although it does sound strange to me that this really
could be the case.
Goodluck,
Martijn.
 
 
 
Top

Another Huge Security Hole!

Post by Stefan Rodenste » Thu, 26 May 1994 20:36:31


: Hi,
:       It's Linux-1.1.14. The problem is: when you
:       log in as <whoever>, it still gives you UID
:       [you guessed it :-] 0.  I.e. to become root
:       on Linux-1.1.14,  you just have to login to
:       the box...

Strange... my Linux-1.1.14 works correctly.. the users get the right IDs...
are you sure it's the kernel?
ciao
        Stefan

--



Entropy isn't what it used to be.

 
 
 
Top

Another Huge Security Hole!

Post by Gauger Maximili » Fri, 03 Jun 1994 00:24:49




> : Hi,
> :  It's Linux-1.1.14. The problem is: when you
> :  log in as <whoever>, it still gives you UID
> :  [you guessed it :-] 0.  I.e. to become root
> :  on Linux-1.1.14,  you just have to login to
> :  the box...

Are you 100% sure you have your /etc/passwd and /etc/groups set correctly?
Look it up again, tjough it may sound trivial.

Max

 
 
 
Top

1. fix for HUGE SECURITY HOLE in syslog?

Excerpts from netnews.comp.os.linux.development.system: 23-Sep-95 fix

This was fixed back in may in both libc 4.7.x. and 5.x.x.

Matt  

2. ftp connection or DNS problem

3. Huge security hole?

4. Development Kit

5. Single-user mode -- huge security hole?

6. Distributing Services across a system of servers

7. Huge security hole in elvis (Slackware)

8. Activity Timeouts

9. Huge security holes in Microsoft FP98 server extensions for Apache

10. HUGE security hole ! How to close?

11. Security Hole on webservers run on variuos OS, How to close UNIS hole

12. best-of-security mailing list (was: Solaris 2.5 Security Hole: local users can get root)

13. Really serious security hole in Microport Unix (Re: SECURITY BUG IN INTERACTIVE UNIX SYSV386)


All times are UTC
Board index