Bugtraq mailing list archives
suid_exec
From: redsecurity () netculture net (Javier Romeu)
Date: Sat, 7 Dec 1996 03:03:18 +0100
Hi all, I've been following with interest the topic brought up by mr. Volobuev about the suid_exec bug in ksh. In fact, it has reminded me of some old bug in A/UX...This is what I've found in my hd under unix/bugs/aux: ----------------------------------------------------------------------- #Program: ksh(1) #Systems Affected: Systems running ksh(1) version 11/16/88a. Some A/UX versions. #Problem: suid_exec can be used to execute arbitrary programs as root. suid_exec checks permissions on files in a poor manner, and does not verify the interpreter used in a secure fashion. #Solution: Obtain patch from your vendor. Remove set bit from suid_exec in the interim. ---------------------------------------------------------------------- Is this the same bug??? Can some one with access to A/UX machines check if they are vulnerable too? Thanks. Regards, Javier. ________________________________________________________ **************** R E D S e c u r i t y **************** Javier Romeu, Manager. mailto:redsecurity () netculture net Web: http://www.netculture.net/~redsecurity Tel: +34-3-2098048 Fax: +34-3-2048105 Especialistas en *Seguridad* Informatica ********************************************************
Current thread:
- Re: Solaris 2.x Vulnerability [/usr/vmsys/bin/chkperm] Terrell Thacker (Dec 05)
- Re: Solaris 2.x Vulnerability [/usr/vmsys/bin/chkperm] Paul B. Henson (Dec 05)
- SGI Security Advisory 19961201-01-PX - Desktop searchbook Program SGI Security Coordinator (Dec 05)
- suid_exec problem clarification Yuri Volobuev (Dec 05)
- Re: Solaris 2.x Vulnerability [/usr/vmsys/bin/chkperm] Nikolai Matyushenko (Dec 06)
- Re: Solaris 2.x Vulnerability [/usr/vmsys/bin/chkperm] Paul B. Henson (Dec 06)
- New INN security problems Chris Timmons (Dec 06)
- suid_exec Javier Romeu (Dec 06)
- <Possible follow-ups>
- Re: Solaris 2.x Vulnerability [/usr/vmsys/bin/chkperm] Kevin L Prigge (Dec 05)
- Re: Solaris 2.x Vulnerability [/usr/vmsys/bin/chkperm] Paul Ashton (Dec 06)
- Re: Solaris 2.x Vulnerability [/usr/vmsys/bin/chkperm] Casper Dik (Dec 06)