Jump to content
Sign in to follow this  
basilsp

Check to exist tty [2062567]

Recommended Posts

The “/opt/kaspersky/kav4fs/bin/kav4fs-control” don't check to exist tty:

$ ssh yugov@10.40.4.158 '/opt/kaspersky/kav4fs/bin/kav4fs-control --scan-file /www || tty'
yugov@10.40.4.158's password:
Invalid path to file: '/www'
not a tty

Share this post


Link to post
The “/opt/kaspersky/kav4fs/bin/kav4fs-control” don't check to exist tty:

$ ssh yugov@10.40.4.158 '/opt/kaspersky/kav4fs/bin/kav4fs-control --scan-file /www || tty'
yugov@10.40.4.158's password:
Invalid path to file: '/www'
not a tty

 

Hello.

 

Please describe the scenario, the expected and the actual result in more detail.

 

Thank you.

Share this post


Link to post
Hello.

 

Please describe the scenario, the expected and the actual result in more detail.

 

Thank you.

Hello,

 

There are such types of attacks that allow to execute an arbitrary code on the attacked system. This code executes under some user (under this user application is run).

I think it is necessary to forbid execution of “/opt/kaspersky/kav4fs/bin/kav4fs-control” for such users as: ftp, ntp, sshd, postfix, etc.

For instance, for this purpose it may be useful to include in “/opt/kaspersky/kav4fs/bin/kav4fs-control” such checks as:

- absence of tty;

- absence of the shell /sbin/nologin;

- etc.

If you think the execution of “/opt/kaspersky/kav4fs/bin/kav4fs-control” for any user is normal, so it is OK. :)

Share this post


Link to post
Hello,

 

There are such types of attacks that allow to execute an arbitrary code on the attacked system. This code executes under some user (under this user application is run).

I think it is necessary to forbid execution of “/opt/kaspersky/kav4fs/bin/kav4fs-control” for such users as: ftp, ntp, sshd, postfix, etc.

For instance, for this purpose it may be useful to include in “/opt/kaspersky/kav4fs/bin/kav4fs-control” such checks as:

- absence of tty;

- absence of the shell /sbin/nologin;

- etc.

If you think the execution of “/opt/kaspersky/kav4fs/bin/kav4fs-control” for any user is normal, so it is OK. :)

 

Hello,

 

bug 2062567 was submitted.

Thank you.

Share this post


Link to post
Sign in to follow this  

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.