Re: Solaris 7/SPARC and sdtcm_convert.

From: Darren J Moffat - Enterprise Services OS Product Support Group (darren.moffatat_private)
Date: Thu Jun 03 1999 - 01:22:37 PDT

Next message: Andy Polyakov: "Re: Citrix Winframe client for Linux"

Previous message: Brett Glass: "Re: weaknesses in dns label decoding,"
Maybe in reply to: acpizer: "Solaris 7/SPARC and sdtcm_convert."
Next in thread: Philipp Stucke: "Re: Solaris 7/SPARC and sdtcm_convert."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I did a quick search and didn't see this exploit code anywhere on bugtraq,
> this exploit was written by the same person who wrote the solaris libc
> exploit, again this time the epxloit is said to work on both Solaris 2.6
> and 7, but he autho fails to provide offsets for Solaris 7.

This appears to be bug# 4184188 which is fixed in
	 105566-06 (SPARC)
	 105567-06 (x86)
	
With the patch installed the exploit fails thus:

s4u-26% ./sdtcm_convert_exploit
efffd0c0
Problem accessing calendar file /usr/spool/calendar/callog.test:
No such file or directory


--
Darren J Moffat

Next message: Andy Polyakov: "Re: Citrix Winframe client for Linux"
Previous message: Brett Glass: "Re: weaknesses in dns label decoding,"
Maybe in reply to: acpizer: "Solaris 7/SPARC and sdtcm_convert."
Next in thread: Philipp Stucke: "Re: Solaris 7/SPARC and sdtcm_convert."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:48:06 PDT