Bugtraq mailing list archives
Re: Solaris 2.x Vulnerability [/usr/vmsys/bin/chkperm]
From: Kevin.L.Prigge-2 () tc umn edu (Kevin L Prigge)
Date: Thu, 5 Dec 1996 16:15:20 -0600
Kevin L Prigge said:
Problem: Vulnerabilities in /usr/vmsys/bin/chkperm Platform: Solaris 2.4, 2.5, 2.5.1, other System V derived systems with the FACE package installed
We have since learned that this has been fixed in 2.5 and above. There is still the problem of creating a file owner bin, group bin in the current directory with a filename made up of unprintable characters. This is probably poor error handling rather than a security problem. Kevin Prigge <klp () tc umn edu> John Ladwig <jladwig () soils umn edu> -- Kevin L. Prigge | Some mornings, it's just not worth Systems Software Programmer | chewing through the leather straps. Internet Enterprise - OIT | - Emo Phillips University of Minnesota |
Current thread:
- Re: Solaris 2.x Vulnerability [/usr/vmsys/bin/chkperm] Terrell Thacker (Dec 05)
- Re: Solaris 2.x Vulnerability [/usr/vmsys/bin/chkperm] Paul B. Henson (Dec 05)
- SGI Security Advisory 19961201-01-PX - Desktop searchbook Program SGI Security Coordinator (Dec 05)
- suid_exec problem clarification Yuri Volobuev (Dec 05)
- Re: Solaris 2.x Vulnerability [/usr/vmsys/bin/chkperm] Nikolai Matyushenko (Dec 06)
- Re: Solaris 2.x Vulnerability [/usr/vmsys/bin/chkperm] Paul B. Henson (Dec 06)
- New INN security problems Chris Timmons (Dec 06)
- suid_exec Javier Romeu (Dec 06)
- <Possible follow-ups>
- Re: Solaris 2.x Vulnerability [/usr/vmsys/bin/chkperm] Kevin L Prigge (Dec 05)
- Re: Solaris 2.x Vulnerability [/usr/vmsys/bin/chkperm] Paul Ashton (Dec 06)
- Re: Solaris 2.x Vulnerability [/usr/vmsys/bin/chkperm] Casper Dik (Dec 06)