Hi, I tested the exploit on SuSE 6.2 and it doesn't work. /usr/games/nethack is neither setu/gid nor does it use shared libs. All GNOME binaries aren't SU/GID except /opt/gnome/sbin/gnome-pty-helper, which seems to be non-vulnerable. Bye, Thomas -- Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg E@mail: thomas@suse.de Function: Security Support & Auditing "lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka" Key fingerprint = 09 48 F2 FD 81 F7 E7 98 6D C7 36 F1 96 6A 12 47
Has anyone compiled a list of out of box security concerns for SuSE linux 6.2? This would be extremely helpful with my limited time and rising attacks on my servers I administer. Thanks, Tom
Hello! Today I got a lot of lines in my /var/log/messages, all looking like this: Sep 28 11:22:19 btakdc lpd[7687]: servicereq: bad command line Since I maintain two Linux boxes and both have this messages, I suspect this to be an attack, because I have never noticed this before! On one system printjobs were started during this 'attack' and I had to do a lpc restart after deleting the spool files from /var/spool/lj4-*/ in order to get printing again. BTW PLP is used as lpd, not the BSD lpd. Also the two occurences were staggered in time, right after one machine ceased this error messages, the other begun. Was that a real attack or is there another cause? Puzzled, Martin Schneider
participants (3)
-
Martin Schneider -
Thomas Biege -
Tom Cramer