Atro Tossavainen <atossavaat_private> writes: > > I tested the exploit against a current IRIX release (6.5.11) and found > > it not to be vulnerable. > > How exactly did you find 6.5.11 not to be vulnerable? > > I tried the sploit on 6.5.10 and didn't get root. It complained about > the lack of the ListAllPrinters symbol. > > Add the symbol in the sploit code, recompile, try again. 6.5.10 is > vulnerable, is 6.5.11? I'd be interested in seeing what symbol you added: here's a test on 6.5.5: mybox 27% uname -R 6.5 6.5.5m mybox 28% id uid=45731(dsouth) gid=40 mybox 29% ./xnetprint /bin/sh [(IRIX)netprint[] local root exploit, by: v9[v9at_private]. ] [*] making symbols source file for netprint to execute. [*] done, now compiling symbols source file. [*] done, now checking to see if the symbols source compiled. [*] done, now executing netprint. netprint: this command for use only by LP Administrators mybox 30% id uid=45731(dsouth) gid=40 If I run the above as root, I do get the complaint about a missing ListAllPrinters symbol, but requiring root seems a bit counter-productive for a sploit. ;-) -- /* Dale Southard Jr. southard1at_private 925-422-1463 */ /* Computer Scientist, Accelerated Strategic Computing Initiative */ /* L-550, Lawrence Livermore National Lab, Livermore CA 94551 */ /* AFF/I, SL/I, T/I, D-11216, Sr. Rig --- I'd rather be skydiving */
This archive was generated by hypermail 2b30 : Fri Apr 27 2001 - 18:03:55 PDT