[13280] in bugtraq

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: [Hackerslab bug_paper] Solaris chkperm buffer overflow

daemon@ATHENA.MIT.EDU (Darren Reed)
Fri Jan 7 15:02:07 2000

Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Message-Id:  <200001062306.KAA16020@cairo.anu.edu.au>
Date:         Fri, 7 Jan 2000 10:06:31 +1100
Reply-To: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
From: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
X-To:         s96192@CE.HANNAM.AC.KR
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <200001051936.EAA18559@ce.hannam.ac.kr> from "1h?kAX KimYongJun
              (99A9>w)" at Jan 06, 2000 04:36:18 AM

In some mail from "1h?kAX KimYongJun (99A9>w)", sie said:
>
> [Hackerslab bug_paper] Solaris chkperm buffer overflow
>
>
> File   :   /usr/vmsys/bin/chkperm
>
> SYSTEM :   Solaris 2.x

How amusing.

On of my Solaris7 box's (incidently was pre-installed by Sun) doesn't
appear to have SUNWfac installed.  Those that I did myself (complete
OS install) do.

Seems you might be able to do a "pkgrm SUNWfac" and just delete it unless
you actually make use of it.

% grep chkperm /var/sadm/install/contents
/usr/vmsys/bin/chkperm f none 6755 bin bin 10080 40420 904647701 SUNWfac
% pkginfo SUNWfac
system      SUNWfac        Framed Access Command Environment

Darren

home	help	back	first	fref	pref	prev	next	nref	lref	last	post