Bugtraq mailing list archives
Re: Vunerability in HP sysdiag ?
From: shaunl () march co uk (Shaun Lowry)
Date: Wed, 25 Sep 1996 09:15:24 +0100
Hi all, If this is out, I apologize. Subject: Vunerability in HP sysdiag ??? Program and Systems that I did this on: The sysdiag program on HP 9000/700/HPUX9.05 (has PHSS_7587) HP 9000/800/HPUX9.04 (not sure of patch regarding diags)
Also confirmed on HP-UX viper B.10.10 A 9000/712 2003117870
To Prevent: For now, turn off the set uid on the programs involved.
Does anyone know of a valid reason why normal users should be allowed to use sysdiag anyway? Shaun. -- Shaun Lowry | March Systems Ltd., http://www.march.co.uk/ PGP Key available | 14 Brewery Court, High St., from key servers or | Theale, UK. RG7 5AJ via e-mail on request | +44 118 930 4224
Current thread:
- Vunerability in HP sysdiag ? John W. Jacobi (Sep 21)
- Re: Vunerability in HP sysdiag ? Shaun Lowry (Sep 25)
- Re: Vunerability in HP sysdiag ? Aggelos P. Varvitsiotis (Sep 25)
- Re: Vunerability in HP sysdiag ? Tobias Richter (Sep 25)
- NT 4.0 default permissions Dan Shearer (Sep 25)
- HP-UX SAM hole... John W. Jacobi (Sep 25)
- NT security et al *Hobbit* (Sep 25)