[10596] in bugtraq
Re: IRIX midikeys root exploit.
daemon@ATHENA.MIT.EDU (=?ISO-8859-1?Q?Bj=F6rn?= Torkelsso)
Fri May 21 12:06:00 1999
Message-Id: <3wiu9mnc8q.fsf@kronborg.cs.umu.se>
Date: Fri, 21 May 1999 08:55:01 +0200
Reply-To: =?ISO-8859-1?Q?Bj=F6rn?= Torkelsson <torkel@HPC2N.UMU.SE>
From: =?ISO-8859-1?Q?Bj=F6rn?= Torkelsson <torkel@HPC2N.UMU.SE>
X-To: Erik Mouw <J.A.K.Mouw@ITS.TUDELFT.NL>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Erik Mouw's message of "Thu, 20 May 1999 11:49:11 +0200"
Erik Mouw <J.A.K.Mouw@ITS.TUDELFT.NL> writes:
> > I have tested this on 2 IRIX 6.5 hosts with success. A patch exists for
> > startmidi and stopmidi buffer overflows.
>
> Verified to work on an O2 running IRIX 6.3:
> uname -aR
> IRIX o2 6.3 O2 R10000 12161207 IP32
>
> And on an Octane running IRIX 6.5.3:
> uname -aR
> IRIX64 octane 6.5 6.5.3m 01221553 IP30
Verified to work on an O2 running IRIX 6.5.3.
After a chmod u-s midikeys, midikeys still works, at least after a very
quick test. Does anybody know why midikeys is setuid root?
Is this reported to SGI?
/torkel
