Aazure.595
net.general,net.unix-wizards
utcsrgv!utzoo!decvax!ucbvax!ihnss!cbosg!teklabs!tekmdp!azure!randals
Thu Mar 4 07:01:43 1982
WARNING: There is another system

It's time to go public with my discovery about a serious flaw in security in the standard UUCP software in V7, 2BSD, and 4BSD. I have successfully constructed a shell command file which will execute ANY desired command(s) on ANY system running vanilla UUCP. What's more, the command is executed as (not root, darn) the "uucp" login, thus allowing access to the L.sys and USERFILEs, which in turn yields more system names to "attack". The actual commands executed are also untraceable, but if you look through the LOGFILE, you can at least tell that somebody is doing something (but not what they do).

I do not know if this is the same bug found by Berkeley People (anyone out there that knows what they did please confer with me), but I will be glad to share my knowledge with any properly identified system administrator. I will send computer mail only to "root" of any system that requests the information.

My uucp address is:

    ...!ucbvax!teklabs!tekmdp!randals
or
    ...!decvax!teklabs!tekmdp!randals

(many other systems also know about us... check your local maps)

Randal L. Schwartz
Tektronix Microcomputer Development Products
Beaverton, Oregon

-----------------------------------------------------------------
gopher://quux.org/ conversion by John Goerzen of http://communication.ucsd.edu/A-News/

This Usenet Oldnews Archive article may be copied and distributed freely, provided:

1. There is no money collected for the text(s) of the articles.
2. The following notice remains appended to each copy:

The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996 Bruce Jones, Henry Spencer, David Wiseman.