[3197] in bugtraq
Re: CERT Advisory CA-96.19 - Vulnerability in expreserve
daemon@ATHENA.MIT.EDU (Casper Dik)
Sun Aug 18 16:03:08 1996
Date: Sun, 18 Aug 1996 15:47:35 +0200
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: Casper Dik <casper@holland.Sun.COM>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: Your message of "Thu, 15 Aug 1996 16:14:32 MDT."
<199608152214.QAA18338@slack.xmission.com>
>>Sun Microsystems, Inc.
>>======================
>>
>>System           Patch ID   Filename         MD5 Checksum
>>------           --------   --------         ------------
>>SunOS            101080-01  101080-01.tar.Z  53c8a5c4eee770924560c5fc100542a3
>>Solaris 2.0      101119-01  101119-01.tar.Z  No longer available
>>Solaris 2.1      101089-01  101089-01.tar.Z  No longer available
>>Solaris 2.2      101090-01  101090-01.tar.Z  e9ff98823abbc75d95410a0cb7856644
>>Solaris 2.3
>>Solaris 2.4      102756-01  102756-01.tar.Z  61f4a48ddba41ae1c27e70b84f4c8d87
>>Solaris 2.4_x86  102757-01  102757-01.tar.Z  1f2b7f3824565ef849eb3c4677567399
>
>I love Sun. Are we to *assume* that 2.5 and 2.5.1 are immune?

You mean, you love CERT for mangling the information like this?

Contrary to what the CERT advisories will have you believe, the security
problem exists in 2.3 and before, whether patched or not.
(In 2.3 and before the problem was thought solved by not having expreserve
run set-uid root; unfortunately, there was an oversight in this reasoning:
expreserve is run by root at system boot)

The problem does not exist in 2.4 + patches nor does it exist in 2.5 and
later.

Casper