Bugtraq mailing list archives
Re: SunOS exploit.
From: chris () WESTNET COM (Christopher X. Candreva)
Date: Mon, 19 May 1997 11:25:03 -0400
On Sun, 18 May 1997, Trevor Linton wrote:
On sunos, if you execute a clean bash shell then type, export USER="root" then USER=$LOGNAME, then execute chsh root or chfn root you can change the root information.
I was unable to duplicate this on SunOS 4.1.3, using bash 2.00.0(1) /usr/bin/passwd (which chsh and chfn are links to) however are not original, so possibly some security patch fixed this already. -Chris ========================================================== Chris Candreva -- chris () westnet com -- (914) 967-7816 WestNet Internet Services of Westchester http://www.westnet.com/
Current thread:
- Irix and WWW Yuri Volobuev (May 16)
- SunOS exploit. Trevor Linton (May 18)
- Re: SunOS exploit. Christopher X. Candreva (May 19)
- Re: SunOS exploit. Austin Schutz (May 19)
- Re: SunOS exploit. Daniel Reish (May 20)
- Re: SunOS exploit. Christopher X. Candreva (May 19)
- Re: Irix and WWW James Bonfield (May 19)
- Re: Irix and WWW Bill Paul (May 19)
- SunOS exploit. Trevor Linton (May 18)