[3610] in bugtraq
Re: Possible SunOS 5.5.1 sulogin vulnerability
daemon@ATHENA.MIT.EDU (Steve Blass)
Fri Nov 15 19:06:23 1996
Date: Fri, 15 Nov 1996 17:59:42 -0500
Reply-To: Steve Blass <swb@aurora.phys.utk.edu>
From: Steve Blass <swb@aurora.phys.utk.edu>
X-To: "Jason R. Mastaler" <jason@mastaler.com>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <x7zq0l31aa.fsf@mastaler.com>
I just tried it on a patched 2.5.1 box and it does *look like it goes into
single user mode but I still couldn't edit /etc/shadow. Near as I can
tell it just gave me a subshell.
-
swb
On Wed, 13 Nov 1996, Jason R. Mastaler wrote:
> Possible hole in sulogin here? Under Solaris 2.5.1 (sparc & x86),
> executing /sbin/sulogin from an unprivileged user account dumps you
> into what appears to be single-user mode with an ugly warning message
> without prompting for the root password. You don't find this with
> earlier versions of Solaris (2.5 and lower).
>
> ________________________________________________________________
>
> sol251% /sbin/sulogin
>
> *** NO ENTRY FOR root IN PASSWORD FILE! ***
>
> Entering System Maintenance Mode
>
> $
>
> ________________________________________________________________
>
> sol25% /sbin/sulogin
>
> Type Ctrl-d to proceed with normal startup,
> (or give root password for system maintenance):
>
> ________________________________________________________________
>
