Bugtraq mailing list archives

Re: sigh. another Irix 5.2 hole.

From: ccshag () cclabs missouri edu (Paul 'Shag' Walmsley)
Date: Tue, 7 Mar 1995 12:01:40 -0600 (CST)


On Tue, 7 Mar 1995, anthony baxter wrote:


/usr/sbin/colorview is setuid root, and takes a -text filename 
option. It reads this as root, and can read any file on the system.
And, as an added bonus, it gives you a nice little widget with a 
scrollbar on it so you can page through the file.


This one's about a year old - see the SGI Admin FAQ for this and lots 
of other IRIX security info (finger sgi-faq () viz tamu edu for location 
information)


- Paul "Shag" Walmsley <ccshag () cclabs missouri edu>
  "I'll drink a toast to bold evolution any day!"

Current thread:

sigh. another Irix 5.2 hole. anthony baxter (Mar 06)
- Re: sigh. another Irix 5.2 hole. Paul 'Shag' Walmsley (Mar 07)
- Re: sigh. another Irix 5.2 hole. Norman P. B. Joseph (Mar 07)
  - Request for subscription into the list Dayakar Veerlapati (Mar 07)
  - Request for subscription into the list -=Where Eagles Dare=- (Mar 07)
  - STROBE v1.01 Super Optimised TCP port surveyor Julian Assange (Mar 08)
    - Re: STROBE v1.01 Super Optimised TCP port surveyor Mr Martin J Hargreaves (Mar 12)
    - Re: STROBE v1.01 Super Optimised TCP port surveyor Julian Assange (Mar 12)
    - Re: STROBE v1.01 Super Optimised TCP port surveyor John Studarus (Mar 12)
    - Re: STROBE v1.01 Super Optimised TCP port surveyor Rodney Campbell (Mar 12)
    - Re: STROBE v1.01 Super Optimised TCP port surveyor Scott D. Yelich (Mar 13)
    - STROBE mirror Robert M. Haas (Mar 13)

(Thread continues...)