[14912] in bugtraq
Re: New Solaris root exploit for /usr/lib/lp/bin/netpr
daemon@ATHENA.MIT.EDU (Casper Dik)
Tue May 16 15:01:52 2000
Message-Id: <200005160623.IAA27635@romulus.Holland.Sun.COM>
Date: Tue, 16 May 2000 08:23:39 +0200
Reply-To: Casper Dik <Casper.Dik@HOLLAND.SUN.COM>
From: Casper Dik <Casper.Dik@HOLLAND.SUN.COM>
X-To: Jeremy Rauch <jrauch@SECURITYFOCUS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: Your message of "Mon, 15 May 2000 14:07:25 PDT."
<20000515140725.A11515@securityfocus.com>
>On Mon, May 15, 2000 at 05:37:43PM +0100, Darren Moffat - Solaris Sustaining Engineering wrote:
>> >I have not tested either of these on Solaris 8, but I am expecting it to
>> >be vulnerable. It also appears that Solaris 2.6 on SPARC machines may not
>> >be exploitable unless patch 106235-03 or patch 106235-04 is installed.
>> >How about that? Keep up on your patches and get owned faster. Let's hope
>> >that Sun puts this buffer overflow silliness to rest soon. No more buffer
>> >overflows will mean no more buffer overflow exploits.
>>
>> I'm told by my colleagues who look after printing that this is fixed in:
>>
>> 5.6 SPARC T106235-05 Intel T106235-05
>> 5.7 SPARC T107115-04 Intel T106235-04
>> 5.8 SPARC 109320-01 Intel T109321-01
>
>I think that should be 106236-05 for 5.6 x86, and 107116-04, for 5.7 x86.
Correct, the corrected lists looks like:
5.6 SPARC T106235-05 Intel T106236-05
5.7 SPARC T107115-04 Intel T107116-04
5.8 SPARC 109320-01 Intel T109321-01
Only the Solaris 8 patch has been released sofar.
Casper
