[4027] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: IRIX: Bug in startmidi

daemon@ATHENA.MIT.EDU (Jon Lewis)
Mon Feb 10 02:50:15 1997

Date: 	Mon, 10 Feb 1997 00:44:11 -0500
Reply-To: Jon Lewis <jlewis@INORGANIC5.FDT.NET>
From: Jon Lewis <jlewis@INORGANIC5.FDT.NET>
X-To:         Yuri Volobuev <volobuev@T1.CHEM.UMN.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <Pine.A41.3.95.970209205954.44418C-100000@t1.chem.umn.edu>

On Sun, 9 Feb 1997, Yuri Volobuev wrote:

> You must have some special configuration, I recon.  On the box I was testing
> on
>
> showfiles | grep startmidi
> f 64563 18688 dmedia_eoe.sw.midi usr/sbin/startmidi
>
> It's Irix 5.3 with all security patches applied, plus DSE 1.1.
>
> Still, chmodding-s away startmidi is a good idea. Why should users be able
> to screw around with MIDI, anyway?

f 46022 18608 dmedia_eoe.sw.midi      usr/sbin/startmidi
-rwsr-xr-x    1 root     sys        18608 Nov 21  1994 /usr/sbin/startmidi
IRIX xrdsg1 5.3 11091812 IP22 mips

No security patches I know of installed :(...this box is vulnerable.


------------------------------------------------------------------
 Jon Lewis <jlewis@fdt.net>  |  Unsolicited commercial e-mail will
 Network Administrator       |  be proof-read for $199/hr.
________Finger jlewis@inorganic5.fdt.net for PGP public key_______


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[4027] in bugtraq

Re: IRIX: Bug in startmidi

daemon@ATHENA.MIT.EDU (Jon Lewis)Mon Feb 10 02:50:15 1997

daemon@ATHENA.MIT.EDU (Jon Lewis)
Mon Feb 10 02:50:15 1997