{"id": "PACKETSTORM:11827", "type": "packetstorm", "bulletinFamily": "exploit", "title": "redhat.su.ghost.bug.txt", "description": "", "published": "1999-08-17T00:00:00", "modified": "1999-08-17T00:00:00", "cvss": {"vector": "NONE", "score": 0.0}, "href": "https://packetstormsecurity.com/files/11827/redhat.su.ghost.bug.txt.html", "reporter": "Packet Storm", "references": [], "cvelist": [], "lastseen": "2016-11-03T10:23:49", "viewCount": 1, "enchantments": {"score": {"value": -0.4, "vector": "NONE", "modified": "2016-11-03T10:23:49", "rev": 2}, "dependencies": {"references": [], "modified": "2016-11-03T10:23:49", "rev": 2}, "vulnersScore": -0.4}, "sourceHref": "https://packetstormsecurity.com/files/download/11827/redhat.su.ghost.bug.txt", "sourceData": "`Date: Wed, 16 Jun 1999 13:47:52 +0200 \nFrom: Roman Ramirez <rramirez@encomix.es> \nReply-To: patowc@encomix.es \nOrganization: Intercomputer, S.A. \nTo: tattooman@genocide2600.com \n \nHello: \n \nI think I have found some kind of bug in \"su\" in Redhat linux versions( \ntested on Redhat 5.2 y Redhat 6.0 ) \n \nThe problem seems to be when you logon into a Redhat system, with normal \nuser priviledges( sample patowc: uid 512 gid 512 ) and enter a superuser \nsession with \"su\". \n \nIn that moment superuser kills your \"su\" session( kill -9 ) and it seems \nas the session is killed, but when you try to continue working randomly \nyou get superuser priviledges again, and randomly you get into normal \nuser priviledges... \n \nI think the problem could be in two points, in the way \"su\" manages the \nKILL signal, or in the way it works with the tty. \n \n'Cause i have no time to investigate this, I think it could be \ninteresting for you... \n \nThx for your time... \n \nGreets \n \n \n-- \nDepartamento de Seguridad - Intercomputer, S.A. \nmailto://rramirez@encomix.es \nhttp://www.encomix.es/users/patowc \n \n`\n"}

{}