* Joachim Schipper ([EMAIL PROTECTED]) wrote:
> On Wed, Apr 19, 2006 at 04:22:06PM +0200, Jasper Bal wrote:
> > Any hints? Did I do something wrong? Is there a fix? Or do I have to 
> > travel 400 km?
> 
> Is sendmail listening to incoming connections? If so, you might have a
> chance to exploit it to gain (more/root) access. I can't help you here,
> but securityfocus.com does claim to have a PoC:
> http://www.securityfocus.com/bid/17192/info. No idea if it works,
> though, and OpenBSD's security enhancements are unlikely to be very
> helpful here. Of course, that's sort of the point...

Yeah, I think we all would be better off running a less secure OS. Then we could 
hack it when we screw up like this. I bet you got this tip from some Linux forum 
(couldn't help that :)

Almost everyone that has used remote/headless machines for some time has 
locked themselves out for stupid reasons; upgrade, changing pf rules etc. (been 
there :P ) It really helps having two machines sharing a serial cable when 
something like this happens..

I would say that all suggestions so far in this thread are examples of actions 
that a secure OS should prevent.

Good luck anyway, hope it works out.

/Joakim

> 
> The one other security problem is only useful if you can get scp to try
> to work with strange filenames, and that's not very likely, is it?
> 
> Since you have syslog access (further upthread - via FTP, I presume),
> what does the system say when you try to log in as root (over FTP? over
> SSH?)?
> 
>               Joachim
