Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

HP-UX 11.0/800 patches leave suid binaries

From: lamontg () RAVEN GENOME WASHINGTON EDU (Lamont Granquist)
Date: Fri, 5 Feb 1999 18:35:51 -0800

The following file is left suid root after a patch installation in HP-UX
11.0:

-r-s--x--x   1 root       bin          20480 Nov  7  1997
/var/adm/sw/save/PHCO_13214/CMDS-AUX/usr/bin/newgrp

% uname -a
HP-UX xxxx B.11.00 A 9000/898 1687633341 two-user license

Fortunately, the /var/adm/sw/save directory is only readable by root. I do
not know if the newgrp binary is vulnerable, or if the PHCO_13214 patch is
a security patch.  I still feel this is poor practice by HP.  HP-UX admins
should scan their systems for other suid binaries which have been left
lying around by other patches:

% find / ! -local -prune -o -type f \( -perm -4000 -o -perm -2000 \) -exec ls -lad \{\} \;

(assuming you don't want to scan your NFS disks, adjust accordingly if you
do...)

--
Lamont Granquist                       lamontg () raven genome washington edu
Dept. of Molecular Biotechnology       (206)616-5735  fax: (206)685-7344
Box 352145 / University of Washington / Seattle, WA 98195
PGP pubkey: finger lamontg () raven genome washington edu | pgp -fka
Previous By Date Next
Previous By Thread Next

Current thread: