Mailinglist Archive: opensuse-security (320 mails)

< Previous Next >
Sambal root exploit found
  • From: Christian Boxhammer <box@xxxxxxxxxxxxxxxxxxxxx>
  • Date: Fri, 16 May 2003 14:59:31 +0200
  • Message-id: <200305161415.24940.box@xxxxxxxxxxxxxxxxxxxxx>
Hello list,

I have found a root exploit on our Linux Server (SuSE 7.2). The machine ist
running samba-2.2.0a-51. This root exploit is named sambal. It creates a new
user named postgres with HOME=/var/lib/pgsql/.
It can attack Linux, FreeBSD, NetBSD and OpenBSD machines. The source Code of
this exploit can be found on www.netric.org.

My Problems:
How dangerous is this?
How can I detect, what the hacker does with our system? (HISTFILE unset by
exploit)
Does anyone know anything about sambal?

Thanks
Christian



< Previous Next >
This Thread
  • No further messages