[14909] in bugtraq
Re: New Solaris root exploit for /usr/lib/lp/bin/netpr
daemon@ATHENA.MIT.EDU (Jeremy Rauch)
Tue May 16 01:59:02 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <20000515140725.A11515@securityfocus.com>
Date: Mon, 15 May 2000 14:07:25 -0700
Reply-To: Jeremy Rauch <jrauch@SECURITYFOCUS.COM>
From: Jeremy Rauch <jrauch@SECURITYFOCUS.COM>
X-To: Darren Moffat - Solaris Sustaining Engineering
<Darren.Moffat@UK.SUN.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <200005151637.RAA02727@otis.UK.Sun.COM>; from
Darren.Moffat@UK.SUN.COM on Mon, May 15, 2000 at 05:37:43PM +0100
On Mon, May 15, 2000 at 05:37:43PM +0100, Darren Moffat - Solaris Sustaining Engineering wrote:
> >I have not tested either of these on Solaris 8, but I am expecting it to
> >be vulnerable. It also appears that Solaris 2.6 on SPARC machines may not
> >be exploitable unless patch 106235-03 or patch 106235-04 is installed.
> >How about that? Keep up on your patches and get owned faster. Let's hope
> >that Sun puts this buffer overflow silliness to rest soon. No more buffer
> >overflows will mean no more buffer overflow exploits.
>
> I'm told by my colleagues who look after printing that this is fixed in:
>
> 5.6 SPARC T106235-05 Intel T106235-05
> 5.7 SPARC T107115-04 Intel T106235-04
> 5.8 SPARC 109320-01 Intel T109321-01
I think that should be 106236-05 for 5.6 x86, and 107116-04, for 5.7 x86.
-Jeremy
