Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: another /usr/dt/bin/dtappgather feature!

From: spd () GTC1 CPS UNIZAR ES (J.A. Gutierrez)
Date: Fri, 6 Nov 1998 18:35:36 +0100


This isn't a permissions problem on the directories, note that his output
shows that the directory does have the new (ie. patched) permissions. I
tested this on a completely patched system (patched it right before I
tested it with the latest ones from sunsolve1). I was still able to
replicate the exploit.


        The problem with DTUSERSESSION was already posted on last
        Feb 24; and by then, the "Solaris dtappgather patch" fixed the
        DTUSERSESSION but not the link (directory permissions) problem,
        which probably is fixed by the other patch on 2.5.x.

        So, at least Solaris 2.6 (sparc) with recent patches is not
        vulnerable.

--
finger spd () gtc1 cps unizar es for PGP       /              So be easy and free
.mailcap tip of the day:                   /      when you're drinking with me
application/ms-tnef; cat '%s' > /dev/null / I'm a man you don't meet every day
text/x-vcard; cat '%s' > /dev/null       /            (the pogues)
Previous By Date Next
Previous By Thread Next

Current thread: