Bugtraq mailing list archives
xnews and XDM
From: hartmans () bga com (Sam Hartman)
Date: Wed, 20 Jul 1994 19:52:18 -0500
AIX has a similar hole. The DPS server can be entered by /usr/lpp/DPS/bin/dpsexec. Since X runs as root, you can then open and write to any root owned file. I haven't bothered to write an exploit script, but I did try running /etc/security/passwd, and I got a root: UndefinedCommand error. Someone opened a bug against this inside IBM--I forget who, but to my knowledge, know action has been taken. --Sam
Current thread:
- xnews and XDM Sam Hartman (Jul 20)
- Re: xnews and XDM Vatsal P. Sonecha (Jul 20)
- xnews and XDM Sam Hartman (Jul 21)
- /etc/subnetconfig Aleph One (Jul 20)
- xnews and XDM Sam Hartman (Jul 21)
- Possible Ultrix issue A. Rich (Jul 21)
- Re: xnews and XDM Vatsal P. Sonecha (Jul 20)