An old one I guess known but I never saw it in the list: Solaris 2.4 popper has an overflow in the username explotaible obviously as root. It's also easy to get root's shadow entry in the core dumped just failing to log as root before overruning the username. Cheers, Julio.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:11:37 PDT