[10595] in bugtraq
IRIX midikeys vulnerability list.
daemon@ATHENA.MIT.EDU (Larry W. Cashdollar)
Fri May 21 12:05:56 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Md5: YdtWpbl+eUz2uwCOZljj6g==
Message-Id: <199905211456.KAA03779@uniden.Biw.COM>
Date: Fri, 21 May 1999 10:56:33 -0400
Reply-To: "Larry W. Cashdollar" <lwcashd@BIW.COM>
From: "Larry W. Cashdollar" <lwcashd@BIW.COM>
To: BUGTRAQ@NETSPACE.ORG
I am attempting to compile a list of vulnerable systems for this exploit. I would like
to provide as much information to SGI as possible. Here is what I have found so
far.
Erik Mouw Email J.A.K.Mouw@its.tudelft.nl |
---------------------------------------------|
Verified to work on an O2 running IRIX 6.3: |
uname -aR
IRIX o2 6.3 O2 R10000 12161207 IP32
And on an Octane running IRIX 6.5.3:
uname -aR
IRIX64 octane 6.5 6.5.3m 01221553 IP30
Larry W. Cashdollar lwcashd@biw.com |
----------------------------------------------|
Verified on an ONYX/2 running IRIX 6.5.
uname -aR
IRIX64 onyx 6.5 05190003 IP27
Verified on an Indigo running IRIX 6.5.
uname -aR
IRIX64 flier 6.5 05190004 IP28
I was unable to test this on our IRIX 6.2 box.
/usr/sbin/midikeys does exist and it is setuid
root however.
Anthony C . Zboralski acz@hert.org |
----------------------------------------------|
It works on latest 6.5.4 maintenance release: |
IRIX ra 6.5 04151556 IP32 mips
Larry W. Cashdollar
Unix Administrator
Computer Security Operations
