Bugtraq mailing list archives
Re: BIG Security Hole in Solaris 2.X (X)passwd + exploit
From: cschuber () uumail gov bc ca (Cy Schubert - ITSD Open Systems Group)
Date: Tue, 4 Mar 1997 09:08:36 -0800
An Exploit for a Big Big security hole in passwd ( + yppasswd and nispasswd)I tried the exploit and it did not work in machines patched with 103187-09 (Solaris 2.5) or 103612-06 (Solaris 2.5.1). Could some verify this?
This particular exploit does not work, however it does cause a buffer overflow and a subsequent bus error. It should be trivial to modify the exploit to work on patched systems as well.
-- jukka
Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 UNIX Support OV/VM: BCSC02(CSCHUBER) ITSD BITNET: CSCHUBER@BCSC02.BITNET Government of BC Internet: cschuber () uumail gov bc ca cschuber () bcsc02 gov bc ca
Current thread:
- Re: BIG Security Hole in Solaris 2.X (X)passwd + exploit Santithorn Bunchua (Feb 28)
- <Possible follow-ups>
- Re: BIG Security Hole in Solaris 2.X (X)passwd + exploit Cy Schubert - ITSD Open Systems Group (Mar 04)