Re: Solaris libc exploit

From: Dust (dustat_private)
Date: Tue May 25 1999 - 11:57:00 PDT

Next message: Vittal Aithal: "Re: Advisory: NT ODBC Remote Compromise"

Previous message: Toby Chappell: "Re: Solaris libc exploit"
Maybe in reply to: UNYUN@ShadowPenguinSecurity: "Solaris libc exploit"
Next in thread: Karsten Thygesen: "Re: Solaris libc exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, May 25, 1999 at 09:30:53AM -0500, Wyman Eric Miles wrote:
> Correct me if I'm wrong, but doesn't 105210-06 or higher address this
> under 2.6?  I've been unable to get the exploit to work on any patched
> system, though it works nicely on any architecture I've tried which
> doesn't have the patch.

According 105210 description:

(from 105210-06)

4118295 LC_* can be used to obtain root access from setuid programs

I've tried to find the referenced bug description, but I wasn't able to
find it on the Sunsolve KB.

--
Tact is the ability to tell a man he has an open mind when he has a
hole in his head.

Next message: Vittal Aithal: "Re: Advisory: NT ODBC Remote Compromise"
Previous message: Toby Chappell: "Re: Solaris libc exploit"
Maybe in reply to: UNYUN@ShadowPenguinSecurity: "Solaris libc exploit"
Next in thread: Karsten Thygesen: "Re: Solaris libc exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:47:09 PDT