Bugtraq mailing list archives
Re: Irix: suid_exec hole
From: Kari.Hurtta () ozone fmi fi (Kari E. Hurtta)
Date: Fri, 6 Dec 1996 00:17:38 +0200
Yuri Volobuev:
Yes, one more Irix root vulnerability, and yes, it's another suid program. ABSTRACT /sbin/suid_exec is owned by root and suid. I don't know what it's supposed to do, but it can be easily exploited by any local user to get root priorities. Exploit works on both 5.3 and 6.2 machines, it's part of eoe.sw.unix and thus is installed on each and every machine. FIX: chmod -s /sbin/suid_exec
Seems that /sbin/suid_exec is part of ksh. At least it is mentioned in manual page of ksh: FILES /etc/passwd /etc/profile /etc/suid_profile $HOME/.profile /tmp/sh* /dev/null
Current thread:
- Irix: suid_exec hole Yuri Volobuev (Dec 02)
- Re: Irix: suid_exec hole Kari E. Hurtta (Dec 05)
- <Possible follow-ups>
- Re: Irix: suid_exec hole Dean Gaudet (Dec 04)