Re: Bug Serious problem in NEC SOCKS server (fwd)

Adel Abushaev (Adel.Abushaev@KSU.RU)
Sat, 10 May 1997 06:47:50 +0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: David Phillips: "Linux UID/GID 'Feature'"
Previous message: Adel Abushaev: "Re: Bug Serious problem in NEC SOCKS server (fwd)"

On Fri, 9 May 1997, Trevor Schroeder wrote:

> The following bug is present at *least* in Socks5 beta-0.17.2 from NEC.  Other
> versions haven't been tested, but they are most likely vulnerable as well
>
> >From the manpage:
>      SOCKS5_PIDFILE
>           Identifies the filename that stores the socks5 process ID when the
>           port is a port other than 1080. When you use port 1080, socks5
>           stores the PID in /tmp/socks5.pid. When you run socks5 on a port

   Is it necessary to start SOCKS server with superuser privileges?
This service uses non-privileged port 1080 and it seems to be
ordinary socket-based application.

Adel.

------------------------------------------------------------------------
*     The gates of excellence are surrounded by the ocean of sweat     *
------------------------------------------------------------------------

Next message: David Phillips: "Linux UID/GID 'Feature'"
Previous message: Adel Abushaev: "Re: Bug Serious problem in NEC SOCKS server (fwd)"