Forgive me as I just started playing with Solaris 7 and don't recall seeing this yet posted to Bugtraq. It would appear as though an old bug with the OpenWeirdos File Mangler has crept up again in Solaris 7 (I believe patch 106222-01 was supposed to fix it back in Solaris 2.6 (and 106224-01 in Solaris 2.5.1)). Very basically, using ff.core it is possible for a normal user to overwrite arbitrary files on the system (that would include things like /etc/shadow) and do serious damage to the system (I will leave that exercise to the reader). Admins should remove the setuid and setgid bits from ff.core. Regards, Russell -- Russell M. Van Tassell russellat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:41:46 PDT