[10135] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Solaris7 and ff.core

daemon@ATHENA.MIT.EDU (Russell Van Tassell)
Thu Apr 8 14:43:03 1999

Date: 	Wed, 7 Apr 1999 22:11:03 -0700
Reply-To: Russell Van Tassell <russell@CSCORP.COM>
From: Russell Van Tassell <russell@CSCORP.COM>
To: BUGTRAQ@NETSPACE.ORG

Forgive me as I just started playing with Solaris 7 and don't recall
seeing this yet posted to Bugtraq.

It would appear as though an old bug with the OpenWeirdos File Mangler
has crept up again in Solaris 7 (I believe patch 106222-01 was supposed
to fix it back in Solaris 2.6 (and 106224-01 in Solaris 2.5.1)).  Very
basically, using ff.core it is possible for a normal user to overwrite
arbitrary files on the system (that would include things like /etc/shadow)
and do serious damage to the system (I will leave that exercise to the
reader).

Admins should remove the setuid and setgid bits from ff.core.

Regards,
Russell

--
Russell M. Van Tassell
russell@cscorp.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[10135] in bugtraq

Solaris7 and ff.core

daemon@ATHENA.MIT.EDU (Russell Van Tassell)Thu Apr 8 14:43:03 1999

daemon@ATHENA.MIT.EDU (Russell Van Tassell)
Thu Apr 8 14:43:03 1999