Bugtraq mailing list archives

Re: Security Info (root broken)

From: pug () arlut utexas edu (Pug)
Date: Thu, 29 Sep 1994 14:21:53 -0600 (CDT)

    P> Did you happen to install the following, in particular 101436-02?
    P> Solaris 1.1.1 Patches Containing Security Fixes:
    P> ------------------------------------------------
    P> 101436-02   SunOS 4.1.3_U1: bin/mail jumbo patch
This is the patch which made the race condition *easier* to exploit
than it was in the unpatched version.


Yes, and after getting another copy of the exploit script, it's been
pointed out that the race condition can write to ANY file.

Btw, does anyone know if there is a similar race condition on Solaris
2.x?

Ciao,

-- 
Richard Bainter          Mundanely     |    System Analyst        - OMG/CSD
Pug                      Generally     |    Applied Research Labs - U.Texas
          pug () arlut utexas edu         |    pug () bga com
Note: The views may not reflect my employers, or even my own for that matter.

Current thread:

Re: Security Info (root broken), (continued)
- - - Re: Security Info (root broken) Christopher Klaus (Sep 28)
    - Re: Security Info (root broken) Pug (Sep 29)
    - Re: Security Info (root broken) John Ladwig (Sep 29)
    - Re: Security Info (root broken) Pug (Sep 29)
    - Re: Security Info (root broken) Casper Dik (Sep 29)
    - Re: Security Info (root broken) Timothy Newsham (Sep 29)
    - Old sendmail bugs Michael Neuman (Sep 29)
    - Re: Security Info (root broken) Karl Strickland (Sep 29)
    - Re: Security Info (root broken) Christopher Klaus (Sep 29)
    - Re: Security Info (root broken) Pug (Sep 29)
    - Re: Security Info (root broken) Pug (Sep 29)
    - Re: Security Info (root broken) Neil Woods (Sep 29)
    - IBM AIX rlogin fix jim () Tadpole COM (Sep 28)
    - security problem w/ smail james w abendschan (Sep 27)
- Re: setuid scripts in SunOS 4.1.x *Hobbit* (Sep 25)