Bugtraq mailing list archives

Re: Solaris 2.3-2.4 Audit Bug


From: cklaus () shadow net (Christopher Klaus)
Date: Sun, 12 Feb 1995 17:45:08 -0500 (EST)



I'm sorry if this has been discussed before.

There is a major security problem with auditing under Solaris 2.3
and 2.4.  If you run bsmconv to turn on auditing, any user can
break root very, very easily.  I'd say more but I'd like to give
Sun at least a little bit of a chance to fix it first.

I have access to the source code for the os and have tracked down
the one line of bad code.  How can I contact Sun to tell them the
problem with this line of code?????????????

Send email to info () iss net with the following in the body of the message:

send vendor for faq

This will send you the FAQ for various vendors to get in touch with.

You can also email Sun at security-alert () sun com and I am sure Mark Graff
can help you.

Chris

-- 
Christopher William Klaus       Voice: (404)441-2531. Fax: (404)441-2431
Internet Security Systems, Inc.         Computer Security Consulting
2000 Miller Court West, Norcross, GA 30071


