[distcc] Exploit in distcc ( got compromised ;( )

Alexandre Oliva oliva at lsd.ic.unicamp.br
Thu Aug 26 13:13:38 GMT 2004

On Aug 26, 2004, Sylvain Munaut <tnt at 246tnt.com> wrote:

> It was a distcc 2.13, I know it's not the latest one. And it was
> exploited to gain a localshell as the distcc user.

Err...  Exploited?

distcc is designed to run whatever command it's sent in the request
packet.  It is generally a compiler name, but it might as well be
/bin/sh, with a shell script as the `preprocessed' sources.

Alexandre Oliva             http://www.ic.unicamp.br/~oliva/
Red Hat Compiler Engineer   aoliva@{redhat.com, gcc.gnu.org}
Free Software Evangelist  oliva@{lsd.ic.unicamp.br, gnu.org}

More information about the distcc mailing list