Bugtraq mailing list archives

Re: IRIX 5.2 Security Advisory - Mystery Solved

From: mjh25920 () ggr co uk (Martin Hargreaves)
Date: Wed, 10 Aug 1994 15:02:48 +0000 (GMT)


On Wed, 10 Aug 1994, Jim Littlefield wrote:

The only time the hole can be exploited is when sgihelp is running as root.
Clogin runs as root, of course. It may be possible to do the same thing via the
"System Manager" functions, although I have not checked (yet).


        /usr/sbin/PrintStatus runs suid root, and calls sgihelp. F1 isn't 
needed you can just hit the help button.

        Martin.


 Martin Hargreaves       |  mjh25920 () ggr co uk 
 Computational Chemist   |  ch11mh () surrey ac uk
 Glaxo  R & D            |  No problem is so large that 
 & Surrey University     |  we can't fit it in somewhere

Current thread:

Re: IRIX 5.2 Security Advisory - Mystery Solved Jim Littlefield (Aug 10)
- Re: IRIX 5.2 Security Advisory - Mystery Solved Martin Hargreaves (Aug 10)
- IRIX 5.2 security problem Phil Cox (Aug 10)
  - Re: IRIX 5.2 security problem Jim Littlefield (Aug 11)
  - Firewall tools for VMS? Andrew T. Rodnite (Aug 11)
  - Archive?/sendmail holes?/rdist hole? Andrew T. Rodnite (Aug 11)
- Solaris 2.3 login Jas (Aug 10)
- <Possible follow-ups>
- Re: IRIX 5.2 Security Advisory - Mystery Solved Martin Hargreaves (Aug 11)