>> *** kcmsex - i386 Solaris root exploit for >> /usr/openwin/bin/kcms_configure >> *** Tested and confirmed under Solaris 2.6 i386 > > it is a pitty, this sploit effects even Solaris 2.7 > sparc and intel edition. quite fascinating that there > are still people making weak suid files and still > guys hunting for them. FYI, just tested it on a Solaris 2.5 x86 box. It compiles, runs, and smashes the stack cleanly right out of the box. No command-line parameters needed. I suppose this means that they haven't messed with kcms_configure much in the past few years, eh? Mark Pettit Sr. System Administrator GeoCities
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:26:23 PDT