[10652] in bugtraq
Re: Solaris libc exploit Re: Solaris libc exploit
daemon@ATHENA.MIT.EDU (Peter Harvey Solaris Sustaining En)
Thu May 27 13:00:43 1999
Mime-Version: 1.0
Content-Type: TEXT/plain; charset=us-ascii
Content-Md5: 55WV6488M6fDC/DPfNMSCw==
Message-Id: <199905262010.VAA06262@otis.UK.Sun.COM>
Date: Wed, 26 May 1999 21:10:56 +0100
Reply-To: Peter Harvey Solaris Sustaining Engineering <peter.harvey@UK.Sun.COM>
From: Peter Harvey Solaris Sustaining Engineering <peter.harvey@UK.SUN.COM>
X-To: ricky@beida.Stanford.EDU
To: BUGTRAQ@NETSPACE.ORG
Ricky,
Excuse my not being clear enough here. A few people have already asked
me about this (to whom I replied individually).
> So 105210 doesn't fix the problem.
The patch I referred to does not fix the current exploit (you are
correct). I think perhaps you misunderstood my email. The bug 4118295 I
referred to is already fixed in the patch as I described. This current
exploit is new.
I emailed BUGTRAQ to confirm:
(a) bug 4118295 is different
(b) bug 4118295 is already fixed
(c) this exploit is new (and therefore *not* 4118295)
-- Peter
