[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Exploit - what to do

On Wed, 18 Jul 2001, Jerzy Wolinski wrote:

> I found some local root exploit (source and binary).
> I have run it on some test system. It works on Debian 2.2r2

Is it not decieving you like fakeroot does, are you not running the code
as a privileged user?

> From source I can see that it uses passwd program,
> but I have no knowlegde and no time to search how it
> really works. 
> On debian security alert pages I see nothing about passwd.
> What should I do?

Since you have no knowlegde and no time, little else but
to trust the debian security team.


Reply to: