Bugtraq mailing list archives
Re: Buffer overflows in Solaris 2.6 ufsdump and ufsrestore
From: eugene.bradley () erols com (Eugene Bradley)
Date: Thu, 23 Apr 1998 20:50:53 +0000
I confirmed the segmentation fault for Solaris 2.6 SPARC on a Sun Ultra Enterprise 2 box running Solaris 2.6 with the current (4/8) recommended & security patch cluster, plus the following patches specific to ufsdump and ufsrestore [1]: 105722-01: SunOS 5.6: /usr/lib/fs/ufs/ufsdump patch 105724-01: SunOS 5.6: /usr/lib/fs/ufs/ufsrestore patch I have an open ticket with SunService on this vulnerability. Best fix I know of for now: chmod ug-s /usr/lib/fs/ufs/ufsdump chmod u-s /usr/lib/fs/ufs/ufsrestore Unfortunately, my job doesn't use gcc for development, so I was unable to compile ufsdump.c at all to test for tty or even root shell exploitation. -- Eugene Bradley eugene.bradley () geocities com (Personal ONLY!) http://www.geocities.com/SiliconValley/Haven/9323/ [1]You need a SunService contract *and* a valid registration at http://sunsolve.sun.com/sunsolve/contractservices.html to obtain these patches. -- Eugene Bradley eugene.bradley () erols com (Personal ONLY!) eugenebradley () geocities com (everything else) http://www.geocities.com/SiliconValley/Haven/9323/
Current thread:
- Buffer overflows in Solaris 2.6 ufsdump and ufsrestore Seth McGann (Apr 23)
- Re: Buffer overflows in Solaris 2.6 ufsdump and ufsrestore Jonathan A. Zdziarski (Apr 23)
- <Possible follow-ups>
- Re: Buffer overflows in Solaris 2.6 ufsdump and ufsrestore Eugene Bradley (Apr 23)