[20494] in bugtraq
Re: IRIX /usr/lib/print/netprint local root symbols exploit.
daemon@ATHENA.MIT.EDU (v9@REALHALO.ORG)
Fri Apr 27 21:30:39 2001
Message-ID: <20010427193035.22483.qmail@securityfocus.com>
Date: Fri, 27 Apr 2001 19:30:35 -0000
Reply-To: v9@REALHALO.ORG
From: v9@REALHALO.ORG
To: BUGTRAQ@SECURITYFOCUS.COM
> No news here.
>
> The author's site indicates that he found the
bug under IRIX 6.2.
> That release of IRIX is around 5 years old. SGI
released a Security
> Advisory on the netprint issue in December of
1996 which included
> information on a patch which fixes it. See
SGI's security site at:
>
> http://www.sgi.com/support/security/index.html
>
> I tested the exploit against a current IRIX
release (6.5.11) and found
> it not to be vulnerable.
it is unreleated to the 1996 one, i checked
first... i believe it is exploitable up to just
before that version. the older one was a bug with
a system() call executing "disable".
