Bugtraq mailing list archives

possible holes in IRIX administration programs?

From: steve () ecf toronto edu (Steve Kotsopoulos)
Date: Wed, 10 Aug 1994 11:51:00 -0400


In IRIX 4.x, there are several setuid root programs under /usr/lib/vadmin
In IRIX 5.x, there are several setuid root programs under /usr/Cadmin/bin
At this site, we protect these directories by changing their mode to 700.
Other sites may want to take similar precautions.

Some time ago, a colleague of mine had his IRIX 4.x system broken into.
It appears that the crackers used /usr/lib/vadmin/serial_ports to gain
root privs after they got into the system as someone else.

Is anyone aware of a bug in serial_ports? How about the new Cadmin stuff?

Current thread:

PINGWARE bukys () cs rochester edu (Aug 04)
- <Possible follow-ups>
- Re: PINGWARE Jason Prondak (Aug 08)
  - possible holes in IRIX administration programs? Steve Kotsopoulos (Aug 10)
  - Re: PINGWARE John D'Agostino (Aug 10)
    - Re: PINGWARE Timothy Newsham (Aug 10)