Bugtraq mailing list archives
Re: Security Info (root broken)
From: jladwig () soils umn edu (John Ladwig)
Date: Thu, 29 Sep 1994 07:35:56 -0500
On Thu, 29 Sep 1994 07:04:44 -0600 (CDT), Pug <pug () arlut utexas edu> said:
>> This was a new
>> install, and it lasted about 4 days. One person heard thru the cracker
>> grapvine that root was broken thru /bin/mail.
P> Did you happen to install the following, in particular 101436-02?
P> Solaris 1.1.1 Patches Containing Security Fixes:
P> ------------------------------------------------
P> 101436-02 SunOS 4.1.3_U1: bin/mail jumbo patch
This is the patch which made the race condition *easier* to exploit
than it was in the unpatched version.
-jml
Current thread:
- request, (continued)
- request Michel JACQUOT (Sep 29)
- Re: setuid scripts in SunOS 4.1.x Fred Blonder (Sep 28)
- Re: setuid scripts in SunOS 4.1.x John Hawkinson (Sep 28)
- Security Info (root broken) Pat Myrto (Sep 28)
- Re: Security Info (root broken) Valdis.Kletnieks () vt edu (Apr 18)
- Re: Security Info (root broken) Perry E. Metzger (Sep 28)
- Re: Security Info (root broken) pluvius (Sep 28)
- Re: Security Info (root broken) Charles R. Hoynowski (Sep 29)
- Re: Security Info (root broken) Christopher Klaus (Sep 28)
- Re: Security Info (root broken) Pug (Sep 29)
- Re: Security Info (root broken) John Ladwig (Sep 29)
- Re: Security Info (root broken) Pug (Sep 29)
- Re: Security Info (root broken) Casper Dik (Sep 29)
- Re: Security Info (root broken) Timothy Newsham (Sep 29)
- Old sendmail bugs Michael Neuman (Sep 29)
- Re: Security Info (root broken) Karl Strickland (Sep 29)
- Re: Security Info (root broken) Christopher Klaus (Sep 29)
- Re: Security Info (root broken) Pug (Sep 29)
- Re: Security Info (root broken) Pug (Sep 29)
- Re: Security Info (root broken) Neil Woods (Sep 29)
- IBM AIX rlogin fix jim () Tadpole COM (Sep 28)