[4739] in bugtraq
Re: Solaris 2.5.1 party piece
daemon@ATHENA.MIT.EDU (Doug Hughes)
Fri Jun 20 07:14:51 1997
Date: Thu, 19 Jun 1997 16:04:16 -0500
Reply-To: Doug Hughes <Doug.Hughes@ENG.AUBURN.EDU>
From: Doug Hughes <Doug.Hughes@ENG.AUBURN.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <m0weiBY-0005FdC@lightning.swansea.linux.org.uk>
> Well CERT have had this for a year, AUSCERT for a couple of weeks and
>now its time bugtraq had it
>
>cc solarisuck.c -o solarisuck -lsocket
>rsh localhost ./solarisuck
>
<code deleted>
>
>Workarounds:
> 1. Disable rsh and any non root owned inetd tasks - breaks remote tar etc
> 2. Run an OS that the vendor doesnt take a year to fix bugs in
>
> I have the original emails from Sun folks (Casper Dik, Alec Muffett and co)
> to prove Sun have sat on this for ages.
>
> Alan
>
This appears to be fixed in 2.6 at any rate..
--
____________________________________________________________________________
Doug Hughes Engineering Network Services
System/Net Admin Auburn University
doug@eng.auburn.edu
