[3640] in bugtraq
Re: Serious hole in Solaris 2.5[.1] gethostbyname() (exploit
daemon@ATHENA.MIT.EDU (Russell Street)
Mon Nov 18 22:49:08 1996
Date: Tue, 19 Nov 1996 16:01:27 +1300
Reply-To: Russell Street <r.street@auckland.ac.nz>
From: Russell Street <r.street@auckland.ac.nz>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: <Pine.SUN.3.91.961118202805.13542A-100000@null> from "Craig
Raskin" at Nov 18, 96 08:29:28 pm
> After doing some playing around, it looks like this only affects machines
> with patch level 103615-01 and up. Try backing out of that patch and it
> should fix the problem.
I have a 2.5 machines (SS4, SS10) that is vunerable. It has no patches at
all installed.
The exploit does not work on my 2.5.1 Ultra-1. Presumably this is
just a matter of getting the machine code right for the platform. ;)
Russell
----
Russell Street <r.street@auckland.ac.nz> Is it really Wednesday today?
