Bugtraq mailing list archives

Re: /usr/bin/solstice under solaris 5.5

From: casper () HOLLAND SUN COM (Casper Dik)
Date: Sat, 19 Oct 1996 11:28:11 +0200

/usr/bin/solstice is a program launcher under solaris 2.5
Unfortunately, for some reason, it is distributed set-gid bin,
and politely launches any programs without revoking this.
The exploit:



This is a well known bug which has already been discussed here at length.
/usr/bin/solstice was first shipped with SOlaris 2.5/SunOS 5.5 so older
versions are not at risk.

These patches fix the bug, alternatively you can just remove the set-gid bit.

103245-07: Solaris 2.5_x86: admintool patch
103247-07: SunOS 5.5: admintool patch
103558-05: SunOS 5.5.1: admintool fixes for security and missing swmtool options
103559-05: SunOS 5.5.1_x86: admintool fixes for security/missing swmtool options
103560-05: SunOS 5.5.1_ppc: admintool fixes for security/missing swmtool options

Current thread:

/usr/bin/solstice under solaris 5.5 Grant Kaufmann (Oct 18)
- Re: /usr/bin/solstice under solaris 5.5 Casper Dik (Oct 19)
- Urgent !! Serious Linux Security Bug.... Jake the Prince (Oct 19)
  - Re: Urgent !! Serious Linux Security Bug.... The Cowzilla Man (Oct 19)
  - Re: Urgent !! Serious Linux Security Bug.... TriumpH (Oct 20)
    - Ping Crashes Erik Fichtner (Oct 22)
    - Re: Urgent !! Serious Linux Security Bug.... Kim Alm (Oct 22)
  - Re: Urgent !! Serious Linux Security Bug.... Darren Reed (Oct 22)
- <Possible follow-ups>
- /usr/bin/solstice under solaris 5.5 Scriptors of DOOM (Oct 18)