Re: Zolaris 2.5 Exploited.

[ebradley () andromeda rutgers edu (Eugene Bradley)]

-----BEGIN PGP SIGNED MESSAGE-----

[disclaimer: I'm not a system administrator on any UNIX system on campus]

I took a look at the kcms_* exploit script this morning.  It didn't
work.  (this was on a Solaris 2.5 server for students)

* To access X on the student UNIX server, the student labs run PC-Xware
2.0 running on Windows 3.1 over a Novell 3.12 network.  The only people
on campus with access to the Sun Workstations (and thus the monitor
types that can be accessed and calibrated properly with the kcms_* tools)
are network administrators and system administrators.  For obvious reasons
the kcms_* tools didn't work on PC-Xware, as PC-Xware is solely dependent
on what video driver(s) Windows 3.1 loads on startup. -:)

* For the rsh portion of the exploit script, the file /etc/hosts.equiv
must exist in order for this crucial portion of the exploit script (rsh)
to be successful.  On both the student and the faculty UNIX servers,
there is no /etc/hosts.equiv file, as neither the students nor the
faculty on campus share UNIX servers.

In short, the kcms_* exploit script fails when
* it's used on any X server emulator that is _not_ dependent on kcms_*
  to calibrate the monitor (except the obvious Sun Workstation console)
* it's on a system with no /etc/hosts.equiv file that rsh
  depends on for its usage.

Correct me if I happen to be wrong on any or all of these points.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMfjnqhskmjHS+zH1AQHn8AP8DOAJiuFuerCgGibZFEQg2mY+B6rygI2I
fp+7IKtKYr+jqglevndAI1tZU7JOt1WjN+4UXAa047ClJkA3N8uST4OsUnQ/z4ao
+wPnY7CUiRKQMtxgPXOHjEa8EY/fL8t4yOk5sawmEK0otEpoWlz+cMp5IHDW2Kyk
ghvjbXu8Cos=
=Uouu
-----END PGP SIGNATURE-----

--
              Eugene Bradley | finger me for my PGP public key
                       webmaster of misery.winter.org
    PGP Fingerprint = 55 70 DE 84 FE E1 3D 50  7F C2 88 22 30 8C 81 9E
   <a href="http://www.armory.com/~ebradley";> Eugene's W^3 Duckpond </a>