Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Security Info (root broken)

From: pug () arlut utexas edu (Pug)
Date: Thu, 29 Sep 1994 07:04:44 -0600 (CDT)


This was a new
install, and it lasted about 4 days.   One person heard thru the cracker
grapvine that root was broken thru /bin/mail.


Did you happen to install the following, in particular 101436-02?

Solaris 1.1.1 Patches Containing Security Fixes:
------------------------------------------------

101434-03   SunOS 4.1.3_U1: lpr Jumbo Patch
101436-02   SunOS 4.1.3_U1: bin/mail jumbo patch
101440-01   SunOS 4.1.3_U1: security problem: methods to exploit login/su
101558-02   SunOS 4.1.3_U1: international libc jumbo patch
101579-01   SunOS 4.1.3_U1: Security problem with expreserve for Solaris 1.1.1
101587-01   SunOS 4.1.3_U1: security patch for mfree and icmp redirect
101621-02   SunOS 4.1.3_U1: Jumbo tty patch
101665-02   SunOS 4.1.3_U1: sendmail jumbo patch
101679-01   SunOS 4.1.3_U1: Breach of security using modload
101759-02   SunOS 4.1.3_U1: domestic libc jumbo patch
100448-02   OpenWindows 3.0: loadmodule is a security hole.
100452-68   OpenWindows 3.0: XView 3.0 Jumbo Patch
100478-01   OpenWindows 3.0: xlock crashes leaving system open

Yes, I replace sendmail with my own, but I still install all of the
security patches. Not to mention that everyone of these is a recommended
patch as well.

Ciao,

-- 
Richard Bainter          Mundanely     |    System Analyst        - OMG/CSD
Pug                      Generally     |    Applied Research Labs - U.Texas
          pug () arlut utexas edu         |    pug () bga com
Note: The views may not reflect my employers, or even my own for that matter.
Previous By Date Next
Previous By Thread Next

Current thread: