[8842] in bugtraq
Re: Merry Christmas to Sun! (Was: L0pht NFR N-Code Modules
daemon@ATHENA.MIT.EDU (Mark K. Pettit)
Sat Dec 26 16:32:04 1998
Date: Thu, 24 Dec 1998 23:08:25 -0800
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: "Mark K. Pettit" <mpettit@GEOSTAFF.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.GSO.3.96.981224145553.434A-100000@gorkie> (message from
plasmoid deep/thc/clb on Thu, 24 Dec 1998 15:01:22 +0000)
>> *** kcmsex - i386 Solaris root exploit for
>> /usr/openwin/bin/kcms_configure
>> *** Tested and confirmed under Solaris 2.6 i386
>
> it is a pitty, this sploit effects even Solaris 2.7
> sparc and intel edition. quite fascinating that there
> are still people making weak suid files and still
> guys hunting for them.
FYI, just tested it on a Solaris 2.5 x86 box.
It compiles, runs, and smashes the stack cleanly right out of the box.
No command-line parameters needed. I suppose this means that they
haven't messed with kcms_configure much in the past few years, eh?
Mark Pettit
Sr. System Administrator
GeoCities