On Thu, 2004-08-12 at 19:59 -0400, Dave Rinker wrote: > funny to still see this thread running. > > Your conversation of the su issue prompted me to look for an exploit. > Found this linux "su" exploit that copies the passwords to /tmp/.tmp > > The only problem is you'd have to get it there first. > > http://packetstormsecurity.nl/groups/shadowpenguin/unix-tools/passwd_linux.c > > > Has anyone used my iptables suggestion with success? > Perhaps I'm being daft, but the exploit appears to be a 'passwd' trojan, not an su trojan. And the attacker would need to get it in a place where it would get inadvertently run (preferably by root). -- Aaron Gaudio <prothonotar@xxxxxxxxxxxxxxxxxxxx>
