nslookup on aix 4.x

From: Andreas Mueller (andreas.muellerat_private-TUEBINGEN.DE)
Date: Thu Feb 11 1999 - 16:12:46 PST

Next message: Pascal Gienger: "Re: Security Bug in Bintec Router Firmware (CLID)"

Previous message: Ronny Cook: "Re: SSH 1.x and 2.x Daemon"
Next in thread: Troy A. Bollinger: "Re: nslookup on aix 4.x"
Reply: Troy A. Bollinger: "Re: nslookup on aix 4.x"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

	hello !

if nslookup is installed with the s-bit all users can
create and overwrite files owned by root. this works
in the interactive mode, when dumping dns-records to a
file (with ls -d DOMAINNAME > FILE for example).
i checked it on aix 4.2.0, 4.2.1 and 4.1.1, where nslookup
is installed suid-root by default. maybe its
possible to create usable files with an own "special"
nameserver. or maybe its possible to pipe the answers
to a script to create the files you want, but i haven't
tried this.

	greetings,
	
			Andreas

p.s.: if this has already been reported to this list - sorry for
	my lazyness to search an archive of bugtraq.
--

Next message: Pascal Gienger: "Re: Security Bug in Bintec Router Firmware (CLID)"
Previous message: Ronny Cook: "Re: SSH 1.x and 2.x Daemon"
Next in thread: Troy A. Bollinger: "Re: nslookup on aix 4.x"
Reply: Troy A. Bollinger: "Re: nslookup on aix 4.x"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:34:02 PDT