[2101] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: BUGTRAQ ALERT: Solaris 2.x vulnerability

daemon@ATHENA.MIT.EDU (Michael Dilger)
Tue Aug 15 16:26:34 1995

Date:         Tue, 15 Aug 1995 09:59:13 -0700
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: Michael Dilger <Michael.Dilger@Eng.Sun.COM>
X-To:         bugtraq@CRIMELAB.COM
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>

-----BEGIN PGP SIGNED MESSAGE-----

Content-Type: text/plain; charset=us-ascii


> B U G T R A Q   A L E R T                           bugtraq-alert-081495.01
> [...]
> Scott Chasin
> chasin@crimelab.com

Good job Scott.

I tried this attack on /usr/bin/ps and /usr/ucb/ps, and it works on
both of them.  This makes me think that more than just solaris 2.x
machines are vulnerable (depending on the /tmp sticky bit).

- --
Michael Dilger
Michael.Dilger@Sun.COM
ENS, Network Security Group
Sun Microsystems, Inc.



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMDDSWTY+1VQoRvQxAQETkgQAifsbHZkIfZcyYbJjvbiGRe8hS5eV7ptB
MP5UkEGqDztosq7j/fMcOpOjuQBEKHJpplQK2c+CqsYj/nkqRhHsq1GWDjqw7uFJ
sIdZ/JOlQ8NwYl0wQQWDTk3YwT05H7E3xwyQE9vpEwOBc1tSr2k4r2HkZDPaOsow
KKv5/Aj8d2g=
=0rcK
-----END PGP SIGNATURE-----


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[2101] in bugtraq

Re: BUGTRAQ ALERT: Solaris 2.x vulnerability

daemon@ATHENA.MIT.EDU (Michael Dilger)Tue Aug 15 16:26:34 1995

daemon@ATHENA.MIT.EDU (Michael Dilger)
Tue Aug 15 16:26:34 1995