Bugtraq mailing list archives
Re: ff.core exploit on Solaris (2.)7
From: casper () HOLLAND SUN COM (Casper Dik)
Date: Fri, 15 Jan 1999 14:20:36 +0100
Greetings, Confirmed ff.core exploit does exist in Solaris 7, server edition. System is straight installation, no patches of any category available for 7 from Sunsolve yet.
There's another workaround for the "ff.core" bug rather than taking away it's set-uid permissions. The workaround is: chmod a-w /vol/* (Best added to the volmgt starup script in the following fashion, after the line that starts vold: while sleep 1 do if [ -d /vol/rmt ] then chmod a-w /vol/* break fi done & This leaves a 1 second window or so of vulnerability at boot time which you can prevent by starting vold earlier than cron & inetd. Casper
Current thread:
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service), (continued)
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service) Darren Reed (Jan 08)
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service) Nick Maclaren (Jan 08)
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service) Mark Crosbie (Jan 09)
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service) Pete Kruckenberg (Jan 09)
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service) Thamer Al-Herbish (Jan 09)
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service) Len Budney (Jan 08)
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service) Thamer Al-Herbish (Jan 08)
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service) Kragen Sitaker (Jan 09)
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service) Darren Reed (Jan 08)
- ff.core exploit on Solaris (2.)7 Daniel J. Frasnelli (Jan 08)
- Re: ff.core exploit on Solaris (2.)7 Casper Dik (Jan 15)
- L0pht tmp tool and (mini) Advisory Dr. Mudge (Jan 08)
- Re: Anonymous Qmail Denial of Service Wietse Venema (Jan 10)
- Keeping Solaris up-to-date John RIddoch (Jan 11)
- Keeping any up-to-date? Randolf-Heiko Skerka (Jan 13)
- Re: Keeping any up-to-date? Ciaran Deignan (Jan 15)
- Re: Keeping any up-to-date? Peter May (Jan 15)
- Tracing by uid u after root does setuid(u) D. J. Bernstein (Jan 12)