[10633] in bugtraq
Re: Solaris libc exploit
daemon@ATHENA.MIT.EDU (Dust)
Tue May 25 16:45:59 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <19990525205700.A24788@cannonball.dyndns.org>
Date: Tue, 25 May 1999 20:57:00 +0200
Reply-To: Dust <dust@CANNONBALL.DYNDNS.ORG>
From: Dust <dust@CANNONBALL.DYNDNS.ORG>
X-To: Wyman Eric Miles <wymanm@IS.RICE.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.GSO.3.96.990525092909.23555C-100000@is.rice.edu>; from
Wyman Eric Miles on Tue, May 25, 1999 at 09:30:53AM -0500
On Tue, May 25, 1999 at 09:30:53AM -0500, Wyman Eric Miles wrote:
> Correct me if I'm wrong, but doesn't 105210-06 or higher address this
> under 2.6? I've been unable to get the exploit to work on any patched
> system, though it works nicely on any architecture I've tried which
> doesn't have the patch.
According 105210 description:
(from 105210-06)
4118295 LC_* can be used to obtain root access from setuid programs
I've tried to find the referenced bug description, but I wasn't able to
find it on the Sunsolve KB.
--
Tact is the ability to tell a man he has an open mind when he has a
hole in his head.
