Bugtraq mailing list archives
Re: Screen local compromise
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Thu, 7 Sep 2000 09:39:09 -0400
On Wed, 06 Sep 2000 18:28:58 +0200, Paul Starzetz <paul () STARZETZ DE> said:
it seems that Aix 4.2.x with screen 3.08.06beta (FAU) 18-Dec-96 is still vulnerable :-) -rwsr-xr-x 1 root system 396529 Jan 29 1997 /usr/local/bin/screen-3.8.6
Note that this is *NOT* an AIX issue, as neither screen nor any sort of /usr/local directory tree is shipped as part of AIX 4.2 or 4.3. The sysadmin who installed screen needs to upgrade it to a non-vulnerable version. -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
Attachment:
_bin
Description:
Current thread:
- Screen local compromise Paul Starzetz (Sep 06)
- Re: Screen local compromise Valdis Kletnieks (Sep 07)