Bugtraq mailing list archives

Re: solaris 2.x rdist exploit/ too many humbles :P


From: casper () HOLLAND SUN COM (Casper Dik)
Date: Fri, 14 Aug 1998 20:16:40 +0200


John Mcdonald wrote:

Enclosed is an exploit for a hole in Solaris rdist that I believe the
patch #105667-01 addresses. That patch is for 2.6. I've personally tested
the exploit on 2.6, 2.5.1, and 2.5 machines.

I've tested the rdist exploit on a Sparc 20 w/ Solaris 2.6 unpatched, and
it works. It is foiled however by adding "set noexec_user_stack=1" to
/etc/system.

For those unfamiliar with the feature, also try "set noexec_user_stack_log =1";
it will cause messages to be logged in such cases.

Casper
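
An added example, not part of the original message: a small shell check that reads an /etc/system-style file and reports whether the two tunables mentioned above are set to 1. The function names are hypothetical, and the parsing rules (comment lines starting with `*` or `#`, optional whitespace around `=`, last setting wins) are assumptions.

```shell
# Added example (not from the thread): audit an /etc/system-style file
# for the two tunables named above. Function names are hypothetical.
# Assumed syntax: '*' or '#' starts a comment line, whitespace around
# '=' is tolerated, and the last "set" of a symbol wins.

# Print the effective value of tunable $2 in file $1, or "unset".
tunable_value() {
    awk -v sym="$2" '
        /^[ \t]*[*#]/ { next }                  # skip comment lines
        $1 == "set" {
            line = $0
            sub(/^[ \t]*set[ \t]+/, "", line)   # drop the keyword
            gsub(/[ \t]/, "", line)             # "sym =1" becomes "sym=1"
            n = index(line, "=")
            if (n == 0) next                    # not an assignment
            if (substr(line, 1, n - 1) == sym) val = substr(line, n + 1)
        }
        END { print (val == "" ? "unset" : val) }
    ' "$1"
}

# Return 0 only if stack execution is disabled AND attempts are logged.
check_noexec() {
    rc=0
    for sym in noexec_user_stack noexec_user_stack_log; do
        v=$(tunable_value "$1" "$sym")
        if [ "$v" = "1" ]; then
            echo "OK    $sym=$v"
        else
            echo "WARN  $sym is $v (expected 1)"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample input, not taken from a real host.
sample=$(mktemp)
cat > "$sample" <<'EOF'
* set noexec_user_stack=0
set noexec_user_stack=1
set noexec_user_stack_log =1
EOF
check_noexec "$sample" || true
rm -f "$sample"
```

On a real system the argument would be /etc/system itself; settings in that file take effect at the next boot.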


