[16717] in bugtraq
Re: expoit for locale format string bug (Solaris 2.x)
daemon@ATHENA.MIT.EDU (Gus Hartmann)
Mon Sep 11 17:28:27 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-ID: <20000911120809.A24851@durden.besh.com>
Date: Mon, 11 Sep 2000 12:08:09 -0700
Reply-To: Gus Hartmann <hartmann@MADISON-EXPAT.NET>
From: Gus Hartmann <hartmann@MADISON-EXPAT.NET>
X-To: Dan Harkless <dan-bugtraq@DILVISH.SPEED.NET>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <200009082224.PAA19280@dilvish.speed.net>; from
dan-bugtraq@DILVISH.SPEED.NET on Fri, Sep 08,
2000 at 03:24:56PM -0700
On Fri, Sep 08, 2000 at 03:24:56PM -0700, Dan Harkless wrote:
> I wish Sun would make a response in this forum so its customers (including
> the ones without multi-thousand-dollar support contracts) would know what
> the time window is for local users being able to easily get root.
Sun did respond in the FOCUS-SUN mailing list, to the effect that
they are currently working on a solution. The two most relevant messages are
available from the archive at:
http://www.securityfocus.com/templates/archive.pike?fromthread=0&start=2000-09-01&threads=0&mid=80863&list=92&end=2000-09-07
http://www.securityfocus.com/templates/archive.pike?fromthread=0&start=2000-09-08&threads=0&mid=81184&list=92&end=2000-09-14
My employer holds several, multi-million dollar Sun support
contracts, and we haven't heard anything besides the above messages to a
public mailing list.
--
Gus
no .sig, no slogan
