[8842] in bugtraq

home help back first fref pref prev next nref lref last post

Re: Merry Christmas to Sun! (Was: L0pht NFR N-Code Modules

daemon@ATHENA.MIT.EDU (Mark K. Pettit)
Sat Dec 26 16:32:04 1998

Date: 	Thu, 24 Dec 1998 23:08:25 -0800
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: "Mark K. Pettit" <mpettit@GEOSTAFF.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <Pine.GSO.3.96.981224145553.434A-100000@gorkie> (message from
              plasmoid deep/thc/clb on Thu, 24 Dec 1998 15:01:22 +0000)

>>  ***  kcmsex - i386 Solaris root exploit for
>>       /usr/openwin/bin/kcms_configure
>>  ***  Tested and confirmed under Solaris 2.6 i386
>
>  it is a pitty, this sploit effects even Solaris 2.7
>  sparc and intel edition. quite fascinating that there
>  are still people making weak suid files and still
>  guys hunting for them.

FYI, just tested it on a Solaris 2.5 x86 box.

It compiles, runs, and smashes the stack cleanly right out of the box.
No command-line parameters needed.  I suppose this means that they
haven't messed with kcms_configure much in the past few years, eh?

Mark Pettit
Sr. System Administrator
GeoCities

home help back first fref pref prev next nref lref last post