[14903] in bugtraq
Re: New Solaris root exploit for /usr/lib/lp/bin/netpr
daemon@ATHENA.MIT.EDU (Darren Moffat - Solaris Sustaining)
Mon May 15 16:06:09 2000
Mime-Version: 1.0
Content-Type: TEXT/plain; charset=us-ascii
Content-Md5: hUHu41+rhR3v/2KoTBrvYg==
Message-Id: <200005151637.RAA02727@otis.UK.Sun.COM>
Date: Mon, 15 May 2000 17:37:43 +0100
Reply-To: Darren Moffat - Solaris Sustaining Engineering <Darren.Moffat@UK.Sun.COM>
From: Darren Moffat - Solaris Sustaining Engineering <Darren.Moffat@UK.SUN.COM>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
>I have not tested either of these on Solaris 8, but I am expecting it to
>be vulnerable. It also appears that Solaris 2.6 on SPARC machines may not
>be exploitable unless patch 106235-03 or patch 106235-04 is installed.
>How about that? Keep up on your patches and get owned faster. Let's hope
>that Sun puts this buffer overflow silliness to rest soon. No more buffer
>overflows will mean no more buffer overflow exploits.
I'm told by my colleagues who look after printing that this is fixed in:
5.6 SPARC T106235-05 Intel T106235-05
5.7 SPARC T107115-04 Intel T106235-04
5.8 SPARC 109320-01 Intel T109321-01
Tpatches are available only to customers with a maintenance contract until
they patches become official.
These patches will become part of the recommended patch set in due course.
--
Darren J Moffat
