Several people have posted stating that turning off executing on the stack solves the problem. Folks, just because it stops this exploit does not mean it stops all exploits. Clever ones will work around the stack execution issue. In any case some protection is better than none. So to turn off execution on the stack in Solaris 2.6 and 7 add the following lines to /etc/system and restart the system: * Turn off executable stacks (doesn't work on Solaris x86) set noexec_user_stack = 1 set noexec_user_stack_log = 1 -- Aleph One / aleph1at_private http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:46:41 PDT