>"dtprintinfo" is suid program, the stack buffer can be overflowed by '-p' >option. I made an exploit program that can get root for Intel edition of >Solaris2.6 and Solaris 2.7. >Please test it. >If you test this program, please set DISPLAY environment correctly >before execution. This is Sun Bug# 4139394 which has been fixed in the current development release. Patches for Solaris 2.6 and Solaris 7 (ie CDE 1.2 and CDE 1.3) are currently in development. As an aside there is no indication in any of our databases that you made any attempt to contact Sun before publishing this publicly, please give us a chance first. Thanks -- Darren J Moffat
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:45:53 PDT