Bugtraq mailing list archives

Re: Possible SunOS 5.5.1 sulogin vulnerability

From: swb () aurora phys utk edu (Steve Blass)
Date: Fri, 15 Nov 1996 17:59:42 -0500


I just tried it on a patched 2.5.1 box and it does *look like it goes into
single user mode but I still couldn't edit /etc/shadow.  Near as I can
tell it just gave me a subshell.

-
swb


On Wed, 13 Nov 1996, Jason R. Mastaler wrote:

Possible hole in sulogin here?  Under Solaris 2.5.1 (sparc & x86),
executing /sbin/sulogin from an unprivileged user account dumps you
into what appears to be single-user mode with an ugly warning message
without prompting for the root password.  You don't find this with
earlier versions of Solaris (2.5 and lower).

________________________________________________________________

sol251% /sbin/sulogin

*** NO ENTRY FOR root IN PASSWORD FILE! ***

Entering System Maintenance Mode

$

________________________________________________________________

sol25% /sbin/sulogin

Type Ctrl-d to proceed with normal startup,
(or give root password for system maintenance):

________________________________________________________________

Current thread:

Possible SunOS 5.5.1 sulogin vulnerability Jason R. Mastaler (Nov 13)
- Re: Possible SunOS 5.5.1 sulogin vulnerability Steve Blass (Nov 15)
- Re: Possible SunOS 5.5.1 sulogin vulnerability Doug Hughes (Nov 15)
- Re: Possible SunOS 5.5.1 sulogin vulnerability Casper Dik (Nov 15)
- Re: Possible SunOS 5.5.1 sulogin vulnerability Michael Douglass (Nov 15)
- El Programa Matador de Ascendes Scriptors of DOOM (Nov 16)
- El Programa Matador de Ascendes Aleph One (Nov 16)
  - This week: turn me on, dead man Aleph One (Nov 16)
  - Re: El Programa Matador de Little Boys I like so much Aleph One (Nov 16)
  - Apologies to Kit Knox and all Aleph One (Nov 16)
- <Possible follow-ups>
- Re: Possible SunOS 5.5.1 sulogin vulnerability Mark Graff (Nov 15)