Bugtraq mailing list archives

Re: Solaris 2.4 bugs...


From: mouse () Collatz McRCIM McGill EDU (der Mouse)
Date: Fri, 13 Jan 1995 15:50:11 -0500


Does anybody have information about the Solaris 2.4 bug fixed in the
patch Patch-ID# 102044-01 :
SunOS 5.4: bug in mouse code makes "break root" attack possible
The bug was in Solaris 2.3 and yes it was the mouse driver.
I'm still mulling over the propriety of posting the 3 line C program
that exploits this hole and gives any user root.

Personally, I'd advise against posting it - but some description of the
bug would be appreciated.  (Does some ioctl not check its arguments
sufficiently stringently, for example?)  Or if you don't understand it
and don't want to go to the trouble to figure it out, I'm sure someone
with a Solaris 2.3 system would volunteer to do so.  I'd volunteer
myself except that I don't have access to any such system.

                                        der Mouse

                            mouse () collatz mcrcim mcgill edu


