Solaris7 and ff.core

From: Russell Van Tassell (russellat_private)
Date: Wed Apr 07 1999 - 22:11:03 PDT

Next message: Casper Dik: "Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight"

Previous message: M.C.Mar: "Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight"
Next in thread: Stefan Molnar: "Re: Solaris7 and ff.core"
Reply: Stefan Molnar: "Re: Solaris7 and ff.core"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forgive me as I just started playing with Solaris 7 and don't recall
seeing this yet posted to Bugtraq.

It would appear as though an old bug with the OpenWeirdos File Mangler
has crept up again in Solaris 7 (I believe patch 106222-01 was supposed
to fix it back in Solaris 2.6 (and 106224-01 in Solaris 2.5.1)).  Very
basically, using ff.core it is possible for a normal user to overwrite
arbitrary files on the system (that would include things like /etc/shadow)
and do serious damage to the system (I will leave that exercise to the
reader).

Admins should remove the setuid and setgid bits from ff.core.

Regards,
Russell


--
Russell M. Van Tassell
russellat_private

Next message: Casper Dik: "Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight"
Previous message: M.C.Mar: "Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight"
Next in thread: Stefan Molnar: "Re: Solaris7 and ff.core"
Reply: Stefan Molnar: "Re: Solaris7 and ff.core"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:41:46 PDT