Bugtraq mailing list archives
Re: Zolaris 2.5 Exploited.
From: ebradley () andromeda rutgers edu (Eugene Bradley)
Date: Fri, 26 Jul 1996 11:46:38 -0400
-----BEGIN PGP SIGNED MESSAGE----- [disclaimer: I'm not a system administrator on any UNIX system on campus] I took a look at the kcms_* exploit script this morning. It didn't work. (this was on a Solaris 2.5 server for students) * To access X on the student UNIX server, the student labs run PC-Xware 2.0 running on Windows 3.1 over a Novell 3.12 network. The only people on campus with access to the Sun Workstations (and thus the monitor types that can be accessed and calibrated properly with the kcms_* tools) are network administrators and system administrators. For obvious reasons the kcms_* tools didn't work on PC-Xware, as PC-Xware is solely dependent on what video driver(s) Windows 3.1 loads on startup. -:) * For the rsh portion of the exploit script, the file /etc/hosts.equiv must exist in order for this crucial portion of the exploit script (rsh) to be successful. On both the student and the faculty UNIX servers, there is no /etc/hosts.equiv file, as neither the students nor the faculty on campus share UNIX servers. In short, the kcms_* exploit script fails when * it's used on any X server emulator that is _not_ dependent on kcms_* to calibrate the monitor (except the obvious Sun Workstation console) * it's on a system with no /etc/hosts.equiv file that rsh depends on for its usage. Correct me if I happen to be wrong on any or all of these points. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMfjnqhskmjHS+zH1AQHn8AP8DOAJiuFuerCgGibZFEQg2mY+B6rygI2I fp+7IKtKYr+jqglevndAI1tZU7JOt1WjN+4UXAa047ClJkA3N8uST4OsUnQ/z4ao +wPnY7CUiRKQMtxgPXOHjEa8EY/fL8t4yOk5sawmEK0otEpoWlz+cMp5IHDW2Kyk ghvjbXu8Cos= =Uouu -----END PGP SIGNATURE----- -- Eugene Bradley | finger me for my PGP public key webmaster of misery.winter.org PGP Fingerprint = 55 70 DE 84 FE E1 3D 50 7F C2 88 22 30 8C 81 9E <a href="http://www.armory.com/~ebradley"> Eugene's W^3 Duckpond </a>
Current thread:
- Re: Zolaris 2.5 Exploited. Leif Hedstrom (Jul 25)
- admintool (was Re: Zolaris 2.5 Exploited.) anthony baxter (Jul 25)
- <Possible follow-ups>
- Zolaris 2.5 Exploited. Jungseok Roh (Jul 26)
- Re: Zolaris 2.5 Exploited. Brian T. Wightman (Jul 25)
- Re: Zolaris 2.5 Exploited. Jungseok Roh (Jul 26)
- Re: Zolaris 2.5 Exploited. Brian T. Wightman (Jul 25)
- Re: Zolaris 2.5 Exploited. Eugene Bradley (Jul 26)
- Re: Zolaris 2.5 Exploited. Matthew G. Harrigan (Jul 26)
- Re: Zolaris 2.5 Exploited. Steph Bridges (Jul 26)
- Re: Zolaris 2.5 Exploited. Jeff Wolfe (Jul 26)