Bugtraq mailing list archives
xnews and XDM
From: hartmans () bga com (Sam Hartman)
Date: Wed, 20 Jul 1994 19:52:18 -0500
AIX has a similar hole. The DPS server can be entered by
/usr/lpp/DPS/bin/dpsexec. Since X runs as root, you can then open and
write to any root owned file.
I haven't bothered to write an exploit script, but I did try
running /etc/security/passwd, and I got a root: UndefinedCommand
error.
Someone opened a bug against this inside IBM--I forget who,
but to my knowledge, know action has been taken.
--Sam
Current thread:
- xnews and XDM Sam Hartman (Jul 20)
- Re: xnews and XDM Vatsal P. Sonecha (Jul 20)
- xnews and XDM Sam Hartman (Jul 21)
- /etc/subnetconfig Aleph One (Jul 20)
- xnews and XDM Sam Hartman (Jul 21)
- Possible Ultrix issue A. Rich (Jul 21)
- Re: xnews and XDM Vatsal P. Sonecha (Jul 20)