Re: solaris 2.x rdist exploit/ too many humbles :P

From: Casper Dik (casperat_private)
Date: Fri Aug 14 1998 - 11:16:40 PDT

Next message: Igor Schein: "crashme on SGI O2 running 6.3"

Previous message: Theo Schlossnagle: "Re: APC UPS Power Shute PLUS exploit..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>John Mcdonald wrote:
>>
>> Enclosed is an exploit for a hole in Solaris rdist that I believe the
>> patch #105667-01 adresses. That patch is for 2.6. I've personally tested
>> the exploit on 2.6, 2.5.1, and 2.5 machines.
>
>I've tested the rdist exploit on a Sparc 20 w/ Solaris 2.6 unpatched, and
>it works. It is foiled however by adding "set noexec_user_stack=1" to
>/etc/system.

For those unfamiliar with the feature, also try "set noexec_user_stack_log =1";
it will cause messages to be logged in such cases.

Casper

Next message: Igor Schein: "crashme on SGI O2 running 6.3"
Previous message: Theo Schlossnagle: "Re: APC UPS Power Shute PLUS exploit..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:12:42 PDT