Bugtraq mailing list archives
possible holes in IRIX administration programs?
From: steve () ecf toronto edu (Steve Kotsopoulos)
Date: Wed, 10 Aug 1994 11:51:00 -0400
In IRIX 4.x, there are several setuid root programs under /usr/lib/vadmin In IRIX 5.x, there are several setuid root programs under /usr/Cadmin/bin At this site, we protect these directories by changing their mode to 700. Other sites may want to take similar precautions. Some time ago, a colleague of mine had his IRIX 4.x system broken into. It appears that the crackers used /usr/lib/vadmin/serial_ports to gain root privs after they got into the system as someone else. Is anyone aware of a bug in serial_ports? How about the new Cadmin stuff?
Current thread:
- PINGWARE bukys () cs rochester edu (Aug 04)
- <Possible follow-ups>
- Re: PINGWARE Jason Prondak (Aug 08)
- possible holes in IRIX administration programs? Steve Kotsopoulos (Aug 10)
- Re: PINGWARE John D'Agostino (Aug 10)
- Re: PINGWARE Timothy Newsham (Aug 10)