Security Incidents mailing list archives

IRIX "gr" core dumps


From: Geoff Galitz <galitz () chem berkeley edu>
Date: Sat, 6 Oct 2001 16:24:44 -0700


We have a hacked IRIX box where the intruder hijacked a
user password then apparently attacked the box locally via
a buffer overflow.  We found a series of core dumps in the
hijacked user directory generated by "gr."

Unfortunately, I cannot find any references to what gr actually
is or a known exploit for it.  Perhaps someone on the list
has more information on this?

-geoff


----------------------------------------------------------------------------------
Geoff Galitz                               |
UC Berkeley                             |             D'oh!
galitz () uclink berkeley edu   |

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com

