Re: Exploit - what to do
On Wed, 18 Jul 2001, Jerzy Wolinski wrote:
> I found some local root exploit (source and binary).
> I have run it on some test system. It works on Debian 2.2r2
Is it not decieving you like fakeroot does, are you not running the code
as a privileged user?
> From source I can see that it uses passwd program,
> but I have no knowlegde and no time to search how it
> really works.
> On debian security alert pages I see nothing about passwd.
> What should I do?
Since you have no knowlegde and no time, little else but
to trust the debian security team.