[20965] in bugtraq
Re: HP Openview NNM6.1 ovactiond bin exploit
daemon@ATHENA.MIT.EDU (Milo van der Zee)
Mon Jun 11 14:32:36 2001
Date: 11 Jun 2001 08:56:21 -0000
Message-ID: <20010611085621.1830.qmail@securityfocus.com>
From: Milo van der Zee <milo.van.der.zee@ordina.nl>
To: bugtraq@securityfocus.com
[snip...]
> have a problem with the =>suid<= bin executable
[snip...]
Correction: the executable is NOT suid bin but it does
run as user bin (probably an internal suid system call
or started from the pmd that runs as bin or ...). So
when you do a 'ps -ef | grep ovactiond' you will see
that it is running as bin. Even on Solaris.
MAG,
Milo
