Bugtraq mailing list archives
Re: BUGTRAQ ALERT: Solaris 2.x vulnerability
From: root () iifeak swan ac uk (System Administrator)
Date: Fri, 18 Aug 1995 16:10:44 +0100
Just to add my two cents to the discussion: - this is a known problem
So why wasn't it more publically announced. Sun could easily have issued a new binary very publically and without saying what they had fixed.
- it is fixed in 2.5 (by using fchown, not chown, both versions of ps)
So why didnt you tell people instead of negligently leaving them exposed
- it only affects people that either: - use tmpfs (default) and don't modifiy it +t themselves - or us a filesystem for /tmp and didn't do a +t as well.
Otherwise known as the majority of people who are less technically clued up. Vendors need to improve their methods. Alan
Current thread:
- /proc ps for Solaris 2.X, (continued)
- /proc ps for Solaris 2.X Doug Hughes (Aug 16)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Dan Thorson (Aug 15)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Aleph One (Aug 15)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Nathan Lawson (Aug 16)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Patrick Hess (Aug 16)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Aleph One (Aug 15)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Scott Chasin (Aug 16)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Nathan Lawson (Aug 16)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Darren Reed (Aug 17)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Casper Dik (Aug 17)
- BUGTRAQ ALERT: Solaris 2.x Arve Kjoelen (Aug 18)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability System Administrator (Aug 18)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability David Rukshin (Aug 18)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Scott Chasin (Aug 18)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Mark Graff (Aug 18)
- Re: BUGTRAQ ALERT: Solaris 2.x vulnerability Paul Ashton (Aug 18)