Re: Solaris Xsun buffer overflow vulnerability

From: Casper Dik (Casper.Dikat_private)
Date: Thu Apr 12 2001 - 00:19:32 PDT

Next message: Jasper Jans: "Re: SUN SOLARIS 5.6/5.7 FTP Globbing Exploit !"

Previous message: : "(no subject)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Xsun is set-uid root on Solaris/Intel where it
needs it for certain device drivers.

Xsun is set-gid sys on Solaris/SPARC.

If you run Xsun through dtlogin, you can safely strip
the set-uid bits.

Casper

Next message: Jasper Jans: "Re: SUN SOLARIS 5.6/5.7 FTP Globbing Exploit !"
Previous message: : "(no subject)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 03:42:35 PDT