search for: xmedh02

...2 (5.67a8/IDA-1.5 for <linux-security@redhat.com>); Thu, 16 Jan 1997 15:17:35 +0100 Received: from localhost by manes.vse.cz with SMTP id AA01262 (5.67a8/IDA-1.5 for linux-security@redhat.com); Thu, 16 Jan 1997 15:17:33 +0100 Date: Thu, 16 Jan 1997 15:17:32 +0100 (MET) From: Hynek Med <xmedh02@manes.vse.cz> Approved: R.E.Wolff@BitWizard.nl To: linux-security@redhat.com Subject: Re: [linux-security] BoS: hmm..seen this one? Message-Id: <Pine.ULT.3.95.970116151337.28235G-100000@manes.vse.cz> Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Charset: ASCII X-Char-Esc...

...Red Hat''s PGP key. But when you do this, don''t forget to upgrade your pam to pam-0.50-22, otherwise you run into problems - you won''t be able to login (thank God ssh worked). I think util-linux should have this dependence on pam-0.50-22 or higher.. Hynek -- Hynek Med, xmedh02@manes.vse.cz

In Debian 1.1, the optional DOSEMU package installs /usr/sbin/dos setuid root. This is a serious security hole which can be exploited to gain access to any file on the system. Package: dosemu Version: 0.64.0.2-9 ------- start of cut text -------------- $ cat /etc/debian_version 1.1 $ id uid=xxxx(quinlan) gid=xxxx(quinlan) groups=xxxx(quinlan),20(dialout),24(cdrom) [quinlan:~]$ ls -al