Bugtraq mailing list archives
Re: Exploiting Zolaris 2.4 ?? :)
From: casper () holland Sun COM (Casper Dik)
Date: Sun, 4 Aug 1996 12:48:15 +0200
I think this bug is widely spreaded in Korea . but not all over the world. The following contents are wholly from SeokChan Lee, one of the best alu mnus of the legendaray security task force team .K** . Also whom I look up to ..:) The problem is the Core dump system of Zolaris 2.4 . let's look into the man page of core(4) . and then concentrate on one phr- ase .
Set-uid/set-gid programs shouldn't dump core.
They don't in Solaris 2.5/2.5.1, but did under some circumstances in 2.4.
This is fixed in a later kernel jumbo patch (-35 for SPARC)
The files/directories shouldn't be group writable anyway;
better run:
ftp.fwi.uva.nl:/pub/solaris/fix-modes*
on your Solaris systems.
Casper
Current thread:
- Exploiting Zolaris 2.4 ?? :) Aleph One (Aug 03)
- Re: Exploiting Zolaris 2.4 ?? :) Casper Dik (Aug 04)
- Re: Exploiting Zolaris 2.4 ?? :) David DeSimone (Aug 04)
- Re: Exploiting Zolaris 2.4 ?? :) Grant Kaufmann (Aug 05)
- Re: Exploiting Zolaris 2.4 ?? :) Casper Dik (Aug 06)
- problems in /usr/Cadmin/bin for IRIX 5.3 Grant Kaufmann (Aug 05)
- CERT Advisory CA-96.16 - Vulnerability in Solaris admintool CERT Advisory (Aug 05)
- Re: group-setuid core hole Justin Mason (Aug 06)
- problems in /usr/Cadmin/bin for IRIX 5.3: EXPLOIT Grant Kaufmann (Aug 06)
- CERT Advisory CA-96.17 - Vulnerability in Solaris vold CERT Advisory (Aug 06)
- Re: Exploiting Zolaris 2.4 ?? :) Casper Dik (Aug 04)