[7553] in bugtraq
Solaris 2.4 pop buffer overrun
daemon@ATHENA.MIT.EDU (Julio Casal)
Fri Aug 7 14:19:07 1998
Date: Wed, 5 Aug 1998 18:55:05 +0200
Reply-To: Julio Casal <julio.casal@SERVICOM.ES>
From: Julio Casal <julio.casal@SERVICOM.ES>
To: BUGTRAQ@NETSPACE.ORG
An old one I guess known but I never saw it in the list:
Solaris 2.4 popper has an overflow in the username explotaible obviously
as root.
It's also easy to get root's shadow entry in the core dumped just failing to
log as root before overruning the username.
Cheers,
Julio.
