Re: [Offtopic] Russian Hacker

Kutsal BerberoGlu (kutsal@ug.bcc.bilkent.edu.tr)
Fri, 3 Jan 1997 13:29:28 +0200 (EET)


On Thu, 2 Jan 1997, Harald Hoyer wrote:

[Deleted.]
> At Dec 30 we had a visit of someone from sampo.karelia.ru.
> We don't know where he got the passwd of one of our users,
> but ... shit happens.
> The first thing he/she/it did was downloading two files named:
> my_lib and my_library.so (attached).
[Deleted.]

Those files are used to exploit a nasty telnet and telnetd bug.. In
Slackware 3.1, it is corrected and the patched telnetd is used.. In
earlier releases (such as 3.0) that exploit works and any user can gain
root access via telnet for 60 seconds.. Which is enough time to plant a
setuid/setgid shell anywhere in the system, add user, shutdown the
machine, or do whatever you want :)

Nasty eh?

Nice New Year's surprise.. You can get the patched telnetd from CERN :)

-Kutsal

beta test, v:
To voluntarily entrust one's data, one's livelihood and one's
sanity to hardware or software intended to destroy all three.
In earlier days, virgins were often selected to beta test volcanos.