Bugtraq mailing list archives
Re: Solaris 2.x chkperm/arp vulnerabilities
From: ruefenac () DIGSIGTRUST COM (Craig Ruefenacht)
Date: Mon, 6 Dec 1999 12:07:02 -0700
Hi, I verified that this bug exists in Solaris 2.7 with the latest security and recommended patches too.
Arp bug Verified for my Solaris 5.6 and 5.5.1 Installs. $ uname -a SunOS pangea 5.5.1 Generic_103640-26 sun4u sparc SUNW,Ultra-5_10 # uname -a SunOS vapid 5.6 Generic_105181-05 sun4u sparc SUNW,Ultra-5_10 # $ ls -l /etc/bin -rw-rw---- 1 bin bin 23 Dec 1 13:54 /etc/bin On both machines I could read bin:bin owned files as a regular joe user with arp
-- ------------------------------------------------------------- Craig Ruefenacht Systems Engineer ruefenac () digsigtrust com Digital Signature Trust (801) 983-4401 http://www.digsigtrust.com/ ------------------------------------------------------------- <HR NOSHADE> <UL> <LI>application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature </UL>
Current thread:
- Solaris 2.x chkperm/arp vulnerabilities Brock Tellier (Nov 30)
- <Possible follow-ups>
- Re: Solaris 2.x chkperm/arp vulnerabilities Larry W. Cashdollar (Dec 01)
- Re: Solaris 2.x chkperm/arp vulnerabilities Casper Dik (Dec 03)
- Re: Solaris 2.x chkperm/arp vulnerabilities Craig Ruefenacht (Dec 06)
- Re: Solaris 2.x chkperm/arp vulnerabilities Casper Dik (Dec 03)