[1835] in bugtraq
Re: Solaris 2.x utmp hole - Notify CERT?
daemon@ATHENA.MIT.EDU (Dan Thorson)
Thu May 18 18:26:29 1995
To: Scott Barman <scott@Disclosure.COM>
Cc: Scott Chasin <chasin@crimelab.com>, bugtraq <bugtraq@crimelab.com>
From: Dan Thorson <Dan_Thorson@notes.seagate.com>
Date: 18 May 95 12:49:33 EDT
>> The following is somewhat of a security hole in Solaris 2.x which
>> allows any non-root user to remove themselves from /var/adm/utmp[x]
>> files (who, w, finger, etc).
[snip]
> I tried this under Solaris 2.4 on an Intel box. It worked.
[snip]
> Anyone think a CERT advisory should be issued for this??
I do. Evasive maneuvers are the start to serious cracking.... the
"feature" should be removed from the OS, and an advisory is a good
way to post a red flag in Sun's to-do list
my opinion anyway.
dct
