Re: Solaris libc exploit

From: Peter Harvey Solaris Sustaining Engineering (peter.harveyat_private)
Date: Wed May 26 1999 - 04:20:03 PDT


    > 4118295 LC_* can be used to obtain root access from setuid programs
    
    This is already fixed in Solaris 7 and the following patches for
    Solaris 2.6:
    
      RELEASE     ARCH  PATCH
      5.6         i386  105211-06
      5.6         sparc 105210-06
    
    The exploit referred to in this thread is in the same area (locales and
    environment variables) but is different.
    
    > I've tried to find the referenced bug description, but I wasn't able to
    > find it on the Sunsolve KB.
    
    We tend to be cautious about publishing our security bugs.
    
    -- Peter
    Sustaining Engineer, Solaris Software, Sun Microsystems
    peter.harveyat_private
    


