[4113] in bugtraq
Re: BIG Security Hole in Solaris 2.X (X)passwd + exploit
daemon@ATHENA.MIT.EDU (Santithorn Bunchua)
Sat Mar 1 04:26:22 1997
Date: Fri, 28 Feb 1997 23:58:33 -0500
Reply-To: Santithorn Bunchua <keh@AU.AC.TH>
From: Santithorn Bunchua <keh@AU.AC.TH>
To: BUGTRAQ@netspace.org
In-Reply-To: <199702282014.WAA26765@titan.otol.fi>
Hi,
The exploit doesn't work on my 2.5 box. But it does work on my
2.5.1 box (with all the recommended patch .. as of 16 Feb 97 ..
which includes 103612-07).
So.. is there any fix from Sun about this bug (passwd).. and also
the ffbconfig bug. Or does the FFB patch fix it?
--keh--
On Fri, 28 Feb 1997, Jukka Oraj{rvi wrote:
> >An Exploit for a Big Big security hole in passwd ( + yppasswd and
> >nispasswd)
>
> I tried the exploit and it did not work in machines patched
> with 103187-09 (Solaris 2.5) or 103612-06 (Solaris 2.5.1).
>
> Could some verify this?
>
> --
> jukka
>
