Bugtraq mailing list archives

Re: IRIX 5.3 chost

From: mkienenb () arsc edu (Mike Kienenberger)
Date: Mon, 12 Aug 1996 15:57:34 -0800


On Mon, 12 Aug 1996, Vern Hart wrote:

I just installed patch 1096 on a 5.3 system here and I am still able to
get in through the chost security hole.  So I'm pretty sure the patch
doesn't plug the hole.


How about patch 1324?

       This patch contains fixes for the following bugs in IRIX
       5.3.  Bug numbers from Silicon Graphics bug tracking system
       are included for reference.

          o The IRIX 5.3 permissions panel has a security hole that
            will allow non-privileged users to change the ownership
            and permissions on any file on the system.  This patch
            should be installed on all IRIX 5.3 systems to remove
            the security hole. (Bug #375613)

This is probably the patch that fixes the problem.
---
Mike Kienenberger    Arctic Region Supercomputing Center
Systems Analyst      (907) 474-6842
mkienenb () arsc edu    http://www.arsc.edu

Current thread:

Re: IRIX 5.3 chost Grant Kaufmann (Aug 07)
- <Possible follow-ups>
- Re: IRIX 5.3 chost Bill Nickless (Aug 11)
  - Re: IRIX 5.3 chost Grant Kaufmann (Aug 12)
- Re: IRIX 5.3 chost Vern Hart (Aug 12)
  - Re: IRIX 5.3 chost Mike Kienenberger (Aug 12)
  - mail storm Dan Stromberg (Aug 12)
    - Re: mail storm Dan Stromberg (Aug 12)
    - Re: mail storm Arik Baratz (Aug 13)
    - Re: mail storm Albert Lunde (Aug 12)
    - Re: mail storm Igor Chudov @ home (Aug 12)
    - Vulnrability in all known Linux distributions bloodmask (Aug 12)
    - Re: Vulnrability in all known Linux distributions Steve Czetty (Aug 13)
    - Re: Vulnrability in all known Linux distributions Alan Brown (Aug 13)
    - Re: Vulnrability in all known Linux distributions Elliot Lee (Aug 13)
    - Re: Vulnrability in all known Linux distributions Alan Cox (Aug 14)

(Thread continues...)