[4120] in bugtraq
Re: BIG Security Hole in Solaris 2.X (X)passwd + exploit
daemon@ATHENA.MIT.EDU (Cy Schubert - ITSD Open Systems Gr)
Tue Mar 4 12:55:50 1997
Date: Tue, 4 Mar 1997 09:08:36 -0800
Reply-To: cschuber@uumail.gov.bc.ca
From: Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>
X-To: Jukka Oraj{rvi <jukkao@OTOL.FI>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "Fri, 28 Feb 97 20:14:13 +0200."
<199702282014.WAA26765@titan.otol.fi>
> >An Exploit for a Big Big security hole in passwd ( + yppasswd and
> >nispasswd)
>
> I tried the exploit and it did not work in machines patched
> with 103187-09 (Solaris 2.5) or 103612-06 (Solaris 2.5.1).
>
> Could some verify this?
This particular exploit does not work, however it does cause a buffer
overflow and a subsequent bus error. It should be trivial to modify the
exploit to work on patched systems as well.
>
> --
> jukka
Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
UNIX Support OV/VM: BCSC02(CSCHUBER)
ITSD BITNET: CSCHUBER@BCSC02.BITNET
Government of BC Internet: cschuber@uumail.gov.bc.ca
cschuber@bcsc02.gov.bc.ca
