Bugtraq mailing list archives
Re: sigh. another Irix 5.2 hole.
From: ccshag () cclabs missouri edu (Paul 'Shag' Walmsley)
Date: Tue, 7 Mar 1995 12:01:40 -0600 (CST)
On Tue, 7 Mar 1995, anthony baxter wrote:
/usr/sbin/colorview is setuid root, and takes a -text filename option. It reads this as root, and can read any file on the system. And, as an added bonus, it gives you a nice little widget with a scrollbar on it so you can page through the file.
This one's about a year old - see the SGI Admin FAQ for this and lots of other IRIX security info (finger sgi-faq () viz tamu edu for location information) - Paul "Shag" Walmsley <ccshag () cclabs missouri edu> "I'll drink a toast to bold evolution any day!"
Current thread:
- sigh. another Irix 5.2 hole. anthony baxter (Mar 06)
- Re: sigh. another Irix 5.2 hole. Paul 'Shag' Walmsley (Mar 07)
- Re: sigh. another Irix 5.2 hole. Norman P. B. Joseph (Mar 07)
- Request for subscription into the list Dayakar Veerlapati (Mar 07)
- Request for subscription into the list -=Where Eagles Dare=- (Mar 07)
- STROBE v1.01 Super Optimised TCP port surveyor Julian Assange (Mar 08)
- Re: STROBE v1.01 Super Optimised TCP port surveyor Mr Martin J Hargreaves (Mar 12)
- Re: STROBE v1.01 Super Optimised TCP port surveyor Julian Assange (Mar 12)
- Re: STROBE v1.01 Super Optimised TCP port surveyor John Studarus (Mar 12)
- Re: STROBE v1.01 Super Optimised TCP port surveyor Rodney Campbell (Mar 12)
- Re: STROBE v1.01 Super Optimised TCP port surveyor Scott D. Yelich (Mar 13)
- STROBE mirror Robert M. Haas (Mar 13)