>John Mcdonald wrote: >> >> Enclosed is an exploit for a hole in Solaris rdist that I believe the >> patch #105667-01 adresses. That patch is for 2.6. I've personally tested >> the exploit on 2.6, 2.5.1, and 2.5 machines. > >I've tested the rdist exploit on a Sparc 20 w/ Solaris 2.6 unpatched, and >it works. It is foiled however by adding "set noexec_user_stack=1" to >/etc/system. For those unfamiliar with the feature, also try "set noexec_user_stack_log =1"; it will cause messages to be logged in such cases. Casper
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:12:42 PDT