Bugtraq mailing list archives

Re: IRIX 5.2 Security Advisory

From: de5 () de5 CTD ORNL GOV (Dave Sill)
Date: Tue, 9 Aug 1994 11:03:04 -0400


Steve Kotsopoulos wrote:


: There is no way to know if someone has exploited the bug. It's such
: a quiet little hole that it doesn't leave a mark anywhere. You don't
: even have to logon to exploit it. That's how bad it is.


Wait a minute, they said the bug could be exploited without logging in?
The original notice said:

]A potential vulnerability has been discovered in the IRIX 5.2 operating
]system which would enable an unprivileged user to become an active
]root user.                                ~~~~

So which is it?

Also, here's one I tried to send out while bugtraq was on hiatus.
/usr/sbin/colorview is setuid root and can be used to read any file on
the system (e.g., /etc/shadow) with the "-text" option.  Affects IRIX
5.2 at least.

-Dave

Current thread:

IRIX 5.2 Security Advisory Steve Kotsopoulos (Aug 09)
- Re: IRIX 5.2 Security Advisory Dave Sill (Aug 09)
- Re: IRIX 5.2 Security Advisory max () gac edu (Aug 09)
- Re: IRIX 5.2 Security Advisory Marc W. Mengel (Aug 09)
- <Possible follow-ups>
- Re: IRIX 5.2 Security Advisory Jim Littlefield (Aug 09)
- Re: IRIX 5.2 Security Advisory Karyn Pichnarczyk (Aug 09)
  - Re: IRIX 5.2 Security Advisory Perry E. Metzger (Aug 10)
- Re: IRIX 5.2 Security Advisory Bob Vickers (Aug 10)