Re: IRIX midikeys root exploit.

From: Björn Torkelsson (torkelat_private)
Date: Thu May 20 1999 - 23:55:01 PDT

Next message: Jakub Urbanec: "ExLibris Aleph Web server Security Alert"

Previous message: Larry W. Cashdollar: "IRIX midikeys vulnerability list."
Maybe in reply to: Larry W. Cashdollar: "IRIX midikeys root exploit."
Next in thread: Steve Allen: "Re: IRIX midikeys root exploit."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Erik Mouw <J.A.K.Mouwat_private> writes:

> >      I have tested this on 2 IRIX 6.5 hosts with success. A patch exists for
> >      startmidi and stopmidi buffer overflows.
>
> Verified to work on an O2 running IRIX 6.3:
>   uname -aR
>   IRIX o2 6.3 O2 R10000 12161207 IP32
>
> And on an Octane running IRIX 6.5.3:
>   uname -aR
>   IRIX64 octane 6.5 6.5.3m 01221553 IP30

Verified to work on an O2 running IRIX 6.5.3.

After a chmod u-s midikeys, midikeys still works, at least after a very
quick test. Does anybody know why midikeys is setuid root?

Is this reported to SGI?

/torkel

Next message: Jakub Urbanec: "ExLibris Aleph Web server Security Alert"
Previous message: Larry W. Cashdollar: "IRIX midikeys vulnerability list."
Maybe in reply to: Larry W. Cashdollar: "IRIX midikeys root exploit."
Next in thread: Steve Allen: "Re: IRIX midikeys root exploit."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:46:23 PDT