[14696] in bugtraq
Re: Solaris 7 x86 lpset exploit.
daemon@ATHENA.MIT.EDU (Andrew Brown)
Wed Apr 26 22:42:02 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <20000426155119.A8085@noc.untraceable.net>
Date: Wed, 26 Apr 2000 15:51:19 -0400
Reply-To: Andrew Brown <atatat@atatdot.net>
From: Andrew Brown <atatat@ATATDOT.NET>
X-To: Laurent LEVIER <llevier@ARGOSNET.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <4.3.1.2.20000425000630.00abc9d0@194.98.103.230>; from
llevier@ARGOSNET.COM on Tue, Apr 25, 2000 at 12:07:18AM +0200
>>There is a sparc version avail for this bug, the bug was discovered by
>>duke some time ago.
just for people who don't know...or have forgotten...putting this:
set noexec_user_stack = 1
set noexec_user_stack_log = 1
in your /etc/system file protects you against this. it doesn't fix
the bug, but it stops the effects from being quite so "bad".
--
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org * "ah! i see you have the internet
twofsonet@graffiti.com (Andrew Brown) that goes *ping*!"
andrew@crossbar.com * "information is power -- share the wealth."
