Bug#2299: serious security hole, chmod 755 /usr/bin/resizecons

To: Debian bugs submission address <debian-bugs@Pixar.com>
Subject: Bug#2299: serious security hole, chmod 755 /usr/bin/resizecons
From: Ian Jackson <ian@chiark.chu.cam.ac.uk>
Date: Thu, 8 Feb 96 02:42 GMT
Message-id: <[🔎] m0tkMJw-0002aeC@chiark.chu.cam.ac.uk>
Reply-to: Ian Jackson <ian@chiark.chu.cam.ac.uk>, debian-bugs@Pixar.com

Package: kbd
Version: 0.90-3

A user on my system has demonstrated to me how to get root access
using /usr/bin/resizecons.  As an immediate fix, all Debian admins
should do the following, as root:

 # cd /usr/bin
 # ls -l resizecons
-rwsr-xr-x   1 root     root        12292 Jun 22  1995 resizecons*
 # chmod 755 resizecons
 # ls -l resizecons
-rwxr-xr-x   1 root     root        12292 Jun 22  1995 resizecons*
 #

I look forward to an emergency update of the kbd package.

Ian.

PS: Please preserve only one of debian-user or debian-bugs on the CC
line, and if you preserve debian-bugs please keep the Subject line
too.

Reply to:

Prev by Date: Re: Reply-to:
Next by Date: Re: More questions on smail configuration for SMTP/PPP
Previous by thread: What happened to ftp.debian.org??
Next by thread: Re: More questions on smail configuration for SMTP/PPP
Index(es):
- Date
- Thread