On 0, Robert Borrell <borrellat_private> wrote: > To all on the list, > > I tested the exploited listed below on Solaris 2.6 sparc platforms and I > could NOT replicate the results from below. The systems have the latest > Solaris 2.6 recommended cluster. I tested same exploit on Solaris 2.6 machines and it worked. Maybe you haven't read carefully enough exploit explanations. You *have to* DNS spoof attacking machine (or just put it into /etc/hosts for testing). If you try attacking remote machine without DNS spoofing it just won't work. You can find some logs in /var/adm/messages, I already see various people trying this exploit on my machines :-(. Reboot attempt worked successfully and left this in log: Jan 5 09:56:20 testmachine reboot: rebooted by LOGIN Also, machine I tested exploit on was *fully* patched Solaris 2.6 machine. Regards, Bojan -- E-mail: bzdrnjaat_private (world address) WHERE DREAMS COME TRUE | URL: | Funky technician AND MUSIC NEVER STOPS | http://fly.cc.fer.hr/~ld/ | is back!
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:27:31 PDT