I confirmed the segmentation fault for Solaris 2.6 SPARC on a Sun Ultra Enterprise 2 box running Solaris 2.6 with the current (4/8) recommended & security patch cluster, plus the following patches specific to ufsdump and ufsrestore [1]: 105722-01: SunOS 5.6: /usr/lib/fs/ufs/ufsdump patch 105724-01: SunOS 5.6: /usr/lib/fs/ufs/ufsrestore patch I have an open ticket with SunService on this vulnerability. Best fix I know of for now: chmod ug-s /usr/lib/fs/ufs/ufsdump chmod u-s /usr/lib/fs/ufs/ufsrestore Unfortunately, my job doesn't use gcc for development, so I was unable to compile ufsdump.c at all to test for tty or even root shell exploitation. -- Eugene Bradley eugene.bradleyat_private (Personal ONLY!) http://www.geocities.com/SiliconValley/Haven/9323/ [1]You need a SunService contract *and* a valid registration at http://sunsolve.sun.com/sunsolve/contractservices.html to obtain these patches. -- Eugene Bradley eugene.bradleyat_private (Personal ONLY!) eugenebradleyat_private (everything else) http://www.geocities.com/SiliconValley/Haven/9323/
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:51:04 PDT