Bugtraq mailing list archives

Re: SCO POP remote root exploit

From: belal () SCO COM (Bela Lubkin)
Date: Wed, 15 Jul 1998 16:26:08 -0700


Vit Andrusevich wrote:

   Here is my ( ??:)  ) exploit  for SCOPOP server.
Offset 0 is for version 2.1.4-R3.
ASM string was little modified for SCO syscall style.
Tested on SCO Open Server 5.0.4.


Yep, that works.  Thanks.

A replacement popper is in the works here, based on the security fixes
in 3.52.  Apparently SCO's popper has some other changes which must be
merged together, so it's not just a matter of get-configure-make.  But
anyone reading this could get and build a replacement from qualcomm.

Bela<

Current thread:

SCO POP remote root exploit Vit Andrusevich (Jul 15)
- <Possible follow-ups>
- Re: SCO POP remote root exploit Bela Lubkin (Jul 15)
- Re: SCO POP remote root exploit Bela Lubkin (Jul 16)