Re: Exploit - what to do
On Wed, Jul 18, 2001 at 03:42:26PM +0200, Jerzy Wolinski wrote:
> I found some local root exploit (source and binary). I have run it on some
> test system. It works on Debian 2.2r2 From source I can see that it uses
> passwd program, but I have no knowlegde and no time to search how it really
> works. On debian security alert pages I see nothing about passwd. What should
> I do?
Hmm. I would've thought r2 covered all the glibc exploits. Perhaps if you give
your exact glibc version (dpkg -l libc6) and a pointer to the exploit (if it's
public) then we'll be able to give you an answer.
--
Colin Phipps PGP 0x689E463E http://www.netcraft.com/
Reply to: