[4505] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: SunOS exploit.

daemon@ATHENA.MIT.EDU (Christopher X. Candreva)
Mon May 19 12:56:15 1997

Date: 	Mon, 19 May 1997 11:25:03 -0400
Reply-To: "Christopher X. Candreva" <chris@WESTNET.COM>
From: "Christopher X. Candreva" <chris@WESTNET.COM>
X-To:         Trevor Linton <blind@SEDATED.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <Pine.LNX.3.95.970518132950.590A-100000@sedated.net>

On Sun, 18 May 1997, Trevor Linton wrote:

> On sunos, if you execute a clean bash shell then type, export USER="root"
> then USER=$LOGNAME, then execute chsh root or chfn root you can change
> the root information.

I was unable to duplicate this on SunOS 4.1.3, using bash 2.00.0(1)
/usr/bin/passwd (which chsh and chfn are links to) however are not
original, so possibly some security patch fixed this already.

-Chris

==========================================================
Chris Candreva  -- chris@westnet.com -- (914) 967-7816
WestNet Internet Services of Westchester
http://www.westnet.com/


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[4505] in bugtraq

Re: SunOS exploit.

daemon@ATHENA.MIT.EDU (Christopher X. Candreva)Mon May 19 12:56:15 1997

daemon@ATHENA.MIT.EDU (Christopher X. Candreva)
Mon May 19 12:56:15 1997