Re: Solaris ipcs vulnerability

From: Dan Astoorian (djastat_private)
Date: Tue Apr 17 2001 - 08:52:23 PDT

Next message: Michael Wojcik: "Re: Double clicking on innocent looking files may be da ngerous"

Previous message: Franklin DeMatto: "Re: qDefense Advisory: DCForum allows remote read/write/execute"
In reply to: Neil W Rickert: "Re: Solaris ipcs vulnerability"
Next in thread: SChoe: "Re: Solaris ipcs vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 16 Apr 2001 08:43:04 EDT, Neil W Rickert writes:
> Scott Howard <scottat_private> wrote:
>
> >Solaris 8 (Sparc at least) is not affected as ipcs is not suid/sgid.
>
> This might be a matter of looking in the wrong place.
>
> For programs where there are both 32bit and 64bit versions, the
> program you see might be a stub that invokes the real program.
> For example, on 32-bit solaris 8, what is actually run is
>
> -r-xr-sr-x   1 root     sys        10740 Jan  5  2000 /usr/bin/sparcv7/ipcs

Unless patch 109238-01 (sparc) or 109239-01 (x86) is installed--and that
patch has been in the past few MU's--in which case it's:

-r-xr-xr-x   1 root     bin        14236 Mar 30  2000 /usr/bin/sparcv7/ipcs

--
Dan Astoorian               People shouldn't think that it's better to have
Sysadmin, CSLab             loved and lost than never loved at all.  It's
djastat_private        not, it's better to have loved and won.  All
www.cs.toronto.edu/~djast/  the other options really suck.    --Dan Redican

Next message: Michael Wojcik: "Re: Double clicking on innocent looking files may be da ngerous"
Previous message: Franklin DeMatto: "Re: qDefense Advisory: DCForum allows remote read/write/execute"
In reply to: Neil W Rickert: "Re: Solaris ipcs vulnerability"
Next in thread: SChoe: "Re: Solaris ipcs vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Apr 17 2001 - 13:03:49 PDT