Bugtraq mailing list archives

Re: Solaris 2.4 bugs...

From: rslau () tarazed usc edu (Robert Lau)
Date: Fri, 13 Jan 1995 09:49:35 -0800


   From: Philippe Langlois <Philippe.Langlois () world-net sct fr>
   Date: Fri, 13 Jan 1995 13:00:42 +0100 (MET)

           Does anybody have information about the Solaris 2.4 bug
   fixed in the patch Patch-ID# 102044-01 :
   SunOS 5.4: bug in mouse code makes "break root" attack possible

   ...

The bug was in Solaris 2.3 and yes it was the mouse driver.
I'm still mulling over the propriety of posting the 3 line
C program that expliots this hole and gives any user root.

Robert Lau                            Systems Programmer, Unix Systems
                                      University Computing Services            
213-740-2866                          University of Southern California        
rslau () usc edu                         1020 W Jefferson, LA, CA  USA, 90089-0251

Current thread:

cmsg newgroup necus.internet.mirror.bugtraq cornell () syl dl nec com (Jan 12)
- Re: cmsg newgroup necus.internet.mirror.bugtraq Matthew Hannigan (Jan 13)
- Solaris 2.4 bugs... Philippe Langlois (Jan 13)
  - Re: Solaris 2.4 bugs... Robert Lau (Jan 13)