Bugtraq mailing list archives
Re: BUGTRAQ ALERT: Solaris 2.x vulnerability
From: cross () math psu edu (Dan Cross)
Date: Wed, 16 Aug 1995 08:14:24 -0400
[bloop] (Scott, if you think it's worth posting the code for this let me know) and any of the other things that stash files in /tmp can be attacked. Neil.
It seems that the code is almost trivial since most programs such as these tend to operate along the same lines and we have already seen Scott's code... :-) However, an extremely worthwhile thing to post would be a list of setuid programs which make use of /tmp and are exploitable in the same manner. Or, rather, potentially exploitable... Does anyone have such a thing? - Dan C.
Current thread:
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Michael Dilger (Aug 15)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Neil Readwin (Aug 15)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Dan Cross (Aug 16)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Neil Readwin (Aug 16)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Dan Cross (Aug 17)
- SunOS 4.1.x ptrace flaw Bonfield James (Aug 17)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Dan Cross (Aug 16)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Neil Readwin (Aug 15)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Adam Prato (Aug 15)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Brian Perkins (Aug 15)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Sam Quigley (Aug 15)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Alexander L. Haiut (Aug 16)
- /proc ps for Solaris 2.X Doug Hughes (Aug 16)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Brian Perkins (Aug 15)
- <Possible follow-ups>
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Dan Thorson (Aug 15)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Aleph One (Aug 15)