Bugtraq mailing list archives
Re: admintool (was Re: Zolaris 2.5 Exploited.)
From: leif () netscape com (Leif Hedstrom)
Date: Fri, 26 Jul 1996 12:05:50 -0700
anthony baxter writes:
> Just go to the "Groups" menu, and you'll have a nice and clean /.rhosts file to play with... :(
>
> Hell, even easier, /tmp/.pwd.lock - you don't even need to select 'groups'. :)

Yup... I've also been informed (thanks Donald Carvalho!) that vold on Solaris-2.5 is also broken. It creates /tmp/.removable/cdrom0 (for instance) with 666 and no security checks. I've verified this, works "fine"... :-(

I believe the "vold" hole requires you to have physical access to the machine, to insert a cdrom into the caddy. Bad anyway...

Summary: These 2.5 applications are completely broken

    kcms_calibrate
    kcms_configure
    admintool

and to some extent

    vold

The kcms_* binaries are part of the KCMS Runtime environment, SUNWkcsrt. If you don't have this package installed, you are in better shape. `admintool' is in the package named SUNWadmap.

-- Leif
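An added example, not part of the original post and not Sun's code: the thread describes privileged programs creating files at predictable names under /tmp with mode 666 and no checks. Assuming the missing checks are about what already exists at that name, this sketch puts that pattern beside a hardened version; the function names and the scratch path are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* For contrast: mode 666, no checks; open() follows a symlink left at the name. */
int create_unchecked(const char *path)
{
    mode_t old = umask(0);
    int fd = open(path, O_WRONLY | O_CREAT, 0666);
    umask(old);
    return fd;
}

/* Hypothetical hardened helper: returns an open fd, or -1 with errno set. */
int create_private_file(const char *path)
{
    struct stat st;
    mode_t old = umask(077);            /* never group/world accessible */
    /* O_EXCL fails if the name exists in any form (file, symlink, dangling
     * symlink); O_NOFOLLOW also refuses a symlink as the last component. */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    int saved = errno;
    umask(old);
    if (fd < 0) { errno = saved; return -1; }
    /* Verify the object we hold, not the path name. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1 ||
        st.st_uid != geteuid() || (st.st_mode & 0077) != 0) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

int main(void)
{
    char dir[] = "/tmp/lockdemoXXXXXX";  /* constructed scratch directory */
    char path[64];
    if (!mkdtemp(dir)) return 1;
    snprintf(path, sizeof path, "%s/.pwd.lock", dir);
    int fd = create_private_file(path);
    printf("first create: %s\n", fd >= 0 ? "ok" : "refused");
    printf("second create: %s\n", create_private_file(path) >= 0 ? "ok" : "refused");
    return 0;
}
```

A program that needs to reuse an existing lock file would open it without O_CREAT and apply the same fstat() checks before writing.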