Bugtraq mailing list archives
Re: AIX 4.1.4.0 local root LC_MESSAGES /usr/sbin/arp exploit
From: troy () AUSTIN IBM COM (Troy Bollinger)
Date: Mon, 8 May 2000 08:05:09 -0500
Quoting cripto (cripto () SUBTERRAIN NET):
Hello, One of you will have to test this on AIX 4.3, as 4.1.4.0 is the most recent release I have access to. -cripto Subterrain Security Group http://www.subterrain.net /* * AIX 4.1.4.0 local root /usr/sbin/arp exploit - SSG-arp.c - 06/06/2000 * * This code is largely from an old AIX mount exploit by Georgi Guninski. * Tested on a blazing 33Mhz RS/6000 IBM POWERserver 340! * * Shouts to bind, xdr, obecian, qwer7y, interrupt, linda, and ur mom. * * -cripto <cripto () subterrain net> .o0-> SSG ROX 2000 !@#$$#@! <-0o. */
This was fixed in 1997 in 3.2, 4.1 and 4.2. The fix is also in the initial release of 4.3. Here's the APAR information: AIX 3.2.5 ========= Apply the following fix to your system: PTFs - U447656 U447671 U447676 U447682 U447705 U447723 (APAR IX67405) To determine if you have these PTFs on your system, run the following command: lslpp -lB U447656 U447671 U447676 U447682 U447705 U447723 AIX 4.1 ======= Apply the following fix to your system: APAR - IX67407 To determine if you have this APAR on your system, run the following command: instfix -ik IX67407 Or run the following command: lslpp -h bos.rte.libc Your version of bos.rte.libc should be 4.1.5.7 or later. AIX 4.2 ======= Apply the following fix to your system: APAR - IX67377 To determine if you have this APAR on your system, run the following command: instfix -ik IX67377 Or run the following command: lslpp -h bos.rte.libc Your version of bos.rte.libc should be 4.2.0.11 or later. -- Troy Bollinger <troy () austin ibm com> Network Security Analyst PGP keyid: 1024/0xB7783129 Troy's opinions are not IBM policy
Current thread:
- AIX 4.1.4.0 local root LC_MESSAGES /usr/sbin/arp exploit cripto (May 07)
- Re: AIX 4.1.4.0 local root LC_MESSAGES /usr/sbin/arp exploit Troy Bollinger (May 08)