Bugtraq mailing list archives
Re: Possible SunOS 5.5.1 sulogin vulnerability
From: casper () holland Sun COM (Casper Dik)
Date: Sat, 16 Nov 1996 01:19:18 +0100
Possible hole in sulogin here? Under Solaris 2.5.1 (sparc & x86), executing /sbin/sulogin from an unprivileged user account dumps you into what appears to be single-user mode with an ugly warning message without prompting for the root password. You don't find this with earlier versions of Solaris (2.5 and lower).
It's a Bourne shell; the only difference with a regular /sbin/sh invocation is that it prints: *** NO ENTRY FOR root IN PASSWORD FILE! *** Entering System Maintenance Mode before starting the shell. And that's because you're not root. The difference between 2.5- and 2.5.1 is that the set-uid bit, which is non-sensical for programs that are supposed to be only started by root anyway, was dropped. Casper
Current thread:
- Possible SunOS 5.5.1 sulogin vulnerability Jason R. Mastaler (Nov 13)
- Re: Possible SunOS 5.5.1 sulogin vulnerability Steve Blass (Nov 15)
- Re: Possible SunOS 5.5.1 sulogin vulnerability Doug Hughes (Nov 15)
- Re: Possible SunOS 5.5.1 sulogin vulnerability Casper Dik (Nov 15)
- Re: Possible SunOS 5.5.1 sulogin vulnerability Michael Douglass (Nov 15)
- El Programa Matador de Ascendes Scriptors of DOOM (Nov 16)
- El Programa Matador de Ascendes Aleph One (Nov 16)
- This week: turn me on, dead man Aleph One (Nov 16)
- Re: El Programa Matador de Little Boys I like so much Aleph One (Nov 16)
- Apologies to Kit Knox and all Aleph One (Nov 16)
- <Possible follow-ups>
- Re: Possible SunOS 5.5.1 sulogin vulnerability Mark Graff (Nov 15)