Re: Solaris ipcs vulnerability

From: Neil W Rickert (rickert+btat_private)
Date: Mon Apr 16 2001 - 05:43:04 PDT

Next message: fish stiqz: "Remote BSD ftpd exploit (revised)"

Previous message: Mark (Mookie): "Re: multiple vulnerabilities in Alcatel Speed Touch DSL modems"
Next in thread: Dan Astoorian: "Re: Solaris ipcs vulnerability"
Next in thread: SChoe: "Re: Solaris ipcs vulnerability"
Reply: Dan Astoorian: "Re: Solaris ipcs vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Scott Howard <scottat_private> wrote:

>Solaris 8 (Sparc at least) is not affected as ipcs is not suid/sgid.

This might be a matter of looking in the wrong place.

For programs where there are both 32bit and 64bit versions, the
program you see might be a stub that invokes the real program.
For example, on 32-bit solaris 8, what is actually run is

-r-xr-sr-x   1 root     sys        10740 Jan  5  2000 /usr/bin/sparcv7/ipcs

That is sgid.

 -NWR

Next message: fish stiqz: "Remote BSD ftpd exploit (revised)"
Previous message: Mark (Mookie): "Re: multiple vulnerabilities in Alcatel Speed Touch DSL modems"
Next in thread: Dan Astoorian: "Re: Solaris ipcs vulnerability"
Next in thread: SChoe: "Re: Solaris ipcs vulnerability"
Reply: Dan Astoorian: "Re: Solaris ipcs vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Apr 16 2001 - 13:07:49 PDT