Bugtraq mailing list archives
Re: SunOS exploit.
From: tex () COLLEGENET COM (Austin Schutz)
Date: Mon, 19 May 1997 12:45:43 -0700
On Mon, 19 May 1997, Christopher X. Candreva wrote:
On Sun, 18 May 1997, Trevor Linton wrote:On sunos, if you execute a clean bash shell then type, export USER="root" then USER=$LOGNAME, then execute chsh root or chfn root you can change the root information.I was unable to duplicate this on SunOS 4.1.3, using bash 2.00.0(1) /usr/bin/passwd (which chsh and chfn are links to) however are not original, so possibly some security patch fixed this already.
I was able to duplicate this on a pretty vanilla 4.1.3 setup. bash$ uname -a SunOS elbereth 4.1.3_U1 2 sun4c bash$ Tex
Current thread:
- Irix and WWW Yuri Volobuev (May 16)
- SunOS exploit. Trevor Linton (May 18)
- Re: SunOS exploit. Christopher X. Candreva (May 19)
- Re: SunOS exploit. Austin Schutz (May 19)
- Re: SunOS exploit. Daniel Reish (May 20)
- Re: SunOS exploit. Christopher X. Candreva (May 19)
- Re: Irix and WWW James Bonfield (May 19)
- Re: Irix and WWW Bill Paul (May 19)
- SunOS exploit. Trevor Linton (May 18)