[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] I find a bug
- To: Laurelai Storm <laurelai@xxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] I find a bug
- From: Emanuel dos Reis Rodrigues <emanueldosreis@xxxxxxxxx>
- Date: Tue, 18 Jan 2011 14:41:59 -0400
Look, this happen only in machines that have your sudo configuration
with no password.
Emanuel dos Reis Rodrigues
Senior Level Linux Professional (LPIC-3)
LPI 302 (Mixed Environment) Specialty
LPI 304 (Virtualization and High Availability) Specialty
C|EH Certified Ethical Hacker
CompTIA Security+ Certified
http://br.linkedin.com/in/emanuelreis
t:@emanueldosreis
emanueldosreis(No*SpAm)gmail.com
Mobile: +55 95 8112-9628
Laurelai Storm wrote:
> I have fedora 14, several centOS 5.5 machines and a vanilla ubuntu
> 9.10 vm, all ask for the password
>
>
> 2011/1/18 Christian Sciberras <uuf6429@xxxxxxxxx
> <mailto:uuf6429@xxxxxxxxx>>
>
> Every bug is a feature. Some are less obvious than others.
>
> ;-)
>
> Oh, and for what it's worth, I get asked for the root password on
> my machine (vanilla ubuntu).
>
>
>
>
>
> 2011/1/18 Laurelai Storm <laurelai@xxxxxxxxxxxx
> <mailto:laurelai@xxxxxxxxxxxx>>
>
> It prompts for a password on my machine, perhaps you should
> check your sudoers config.
>
> Also, its not a bug its a feature :p
>
> 2011/1/18 我是王子 <tradeprince@xxxxxx
> <mailto:tradeprince@xxxxxx>>
>
> hello,
> I found a bug,
> run [sudo strace su] command can get root privileges
> without any password.
> bill
> ------------------ Original ------------------
> *From: * "Steve Beattie"<sbeattie@xxxxxxxxxx
> <mailto:sbeattie@xxxxxxxxxx>>;
> *Date: * Thu, Jan 13, 2011 08:01 PM
> *To: *
>
> "ubuntu-security-announce"<ubuntu-security-announce@xxxxxxxxxxxxxxxx
> <mailto:ubuntu-security-announce@xxxxxxxxxxxxxxxx>>;
> *Cc: * "full-disclosure"<full-disclosure@xxxxxxxxxxxxxxxxx
> <mailto:full-disclosure@xxxxxxxxxxxxxxxxx>>;
> "bugtraq"<bugtraq@xxxxxxxxxxxxxxxxx
> <mailto:bugtraq@xxxxxxxxxxxxxxxxx>>;
> *Subject: * [USN-1042-2] PHP5 regression
> --
> ubuntu-security-announce mailing list
> ubuntu-security-announce@xxxxxxxxxxxxxxxx
> <mailto:ubuntu-security-announce@xxxxxxxxxxxxxxxx>
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/