[39342] in bugtraq

home help back first fref pref prev next nref lref last post

RE: [Full-disclosure] Solaris 9/10 ld.so fun

daemon@ATHENA.MIT.EDU (Charles Heselton)
Wed Jun 29 14:13:13 2005

Reply-To: <charles.heselton@gmail.com>
From: "Charles Heselton" <charles.heselton@gmail.com>
To: "'Piotr KUCHARSKI'" <chopin@sgh.waw.pl>,
        "'Przemyslaw Frasunek'" <venglin@freebsd.lublin.pl>
Cc: <full-disclosure@lists.grok.org.uk>, <bugtraq@securityfocus.com>
Date: Tue, 28 Jun 2005 17:04:40 -0700
Message-ID: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAoCvNsEMfE0ClpoD8BfPb3uKFAAAQAAAACCtU2Shu6kOYrR2vFkbA4QEAAAAA@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
In-Reply-To: <20050628174858.GC20707@sgh.waw.pl>
Content-Transfer-Encoding: 8bit

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I did the same.  Patchrm-ed 112963-19 to -12.  It still works for me.

Uname -a :

SunOS cf-node000 5.9 Generic_118558-09 sun4u sparc SUNW,Ultra-1

- --
- - Charlie
 
5A27 58D2 C791 8769 D4A4  F316 7BF8 D1F6 4829 EDCF
 
 
 

> -----Original Message-----
> From: full-disclosure-bounces@lists.grok.org.uk 
> [mailto:full-disclosure-bounces@lists.grok.org.uk] On Behalf 
> Of Piotr KUCHARSKI
> Sent: Tuesday, June 28, 2005 10:49 AM
> To: Przemyslaw Frasunek
> Cc: full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com
> Subject: Re: [Full-disclosure] Solaris 9/10 ld.so fun
> 
> On Tue, Jun 28, 2005 at 06:17:02PM +0200, Przemyslaw Frasunek
> wrote: 
> > This vulnerability was introduced by one of the recent 
> patches for Solaris 9,
> > possibly 112963. Ld.so patched with 112963-08 is not 
> vulnerable -- it does
> > not allow LD_AUDIT for set[ug]id binaries, but upgrading to 
> 112963-16
> > definitly makes ld.so exploitable.
> 
> Just patchrm-ed 112963-19 to -12, it is not working anymore.
> 
> p.
> 
> -- 
> Beware of he who would deny you access to information, for in his
> heart he dreams himself your master.   -- Commissioner Pravin Lal
> http://nerdquiz.sgh.waw.pl/  -- polska wersja quizu dla nerdów ;)
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQsHll3v40fZIKe3PEQJzqACdEeusRDtTHQUjoZR0UR4MGl5LFccAnA+y
XW7ELeMG8WK7klz/86f83scB
=/+QX
-----END PGP SIGNATURE-----
home help back first fref pref prev next nref lref last post