BhodiSoft Advisories 2001-Present


BA-2001-01 Non-user accounts assigned shell by default

April 23, 2001

The default installation does not assign a shell for most non-user accounts (e.g. nobody, bin). If no shell is specified for an account, the shell defaults to /bin/sh.

BA-2001-02 Firewall rule exposure on ACK based filters

May 26, 2001

Any firewall system configured to block (not respond to) inbound packets without the ACK bit set may be vulnerable to an enumeration attack that could reveal a portion of the firewall ruleset and suggest the presence of listening daemons.

BA-2001-03 Multiple Problems with the Implementation of SSH ChRootGroups/ChRootUsers

July 22, 2001

Systems using SSH ChRootGroups to provide a secure user environment may allow more privilege than intended. (A) SFTP allows users to transfer executable files into the chroot cage. (B) SSH 1 and SCP allow users to operate outside the cage. 

BA-2002-01 String-Based Analysis of Apache Chunked Encoding Worm

July 07, 2002

Examination of the Apache Worm (Chunked Encoding) discovered by Domas Mituzas, based on the output of 'strings'.

 BA-2003-01 Debian: Unsafe directory ownership, default paths may lead to privilege escalation

December 06, 2003

Due to unsafe directory ownership and default path settings an attacker with a local account in group 'staff' may be able to gain root access. 

 BA-2005-01 Cursory Analysis of a System Compromise (due to poor password selection)

March 18, 2005

I had the opportunity to briefly examine a system that had been subjected to a simple password guessing attack. 

 


Last updated March 18, 2005