Bugtraq mailing list archives
Re: Fix for HP-UX automountd/autofs exploit (fwd)
From: lamont () SECURITY HP COM (LaMont Jones)
Date: Fri, 31 Dec 1999 07:45:17 -0700
HP is adding/has added executable stack protection to HP-UX 11, and it is quite nice as it is implemented on a per binary basis. Just look at the man page for chatr(1) on a recently patched HP-UX 11 system. I don't know if all the bits required for this to work are operational yet, but I remember hearing that the next release of HP-UX 11 (due next spring I believe) includes "buffer overflow protection". Not that this would help the automountd hole but most of the holes nowadays are buffer overflows so it'll be nice that we'll be able to make them pretty much a thing of the past on HP-UX soon enough, and without the annoying tradeoffs that the Solaris/Linux style global kernel tunable require.
The only sad thing is that for "compatibility", the default is the old, arguably broken, behavior. When you see the tunable 'executable_stack' show up in /usr/conf/master.d/core-hpux, you'll want to set it to 0, which tells it to use the bit in the binary to permit/deny stack promotion. That should eventually become the default (I hope). Of course, this is not an official statement, things can (and do) change, your mileage may vary, etc, etc... lamont
Current thread:
- Re: majordomo local exploit, (continued)
- Re: majordomo local exploit Christopher Schulte (Dec 28)
- Re: majordomo local exploit Todd C. Miller (Dec 28)
- AltaVista rudi carell (Dec 29)
- Re: majordomo local exploit Taneli Huuskonen (Dec 29)
- Re: majordomo local exploit Coolio (Dec 29)
- Re: majordomo local exploit Henrik Edlund (Dec 29)
- bna,sh Loneguard (Dec 30)
- Re: majordomo local exploit Andrew Brown (Dec 30)
- Re: majordomo local exploit Henrik Nordstrom (Dec 30)
- Fix for HP-UX automountd/autofs exploit (fwd) Doug Siebert (Dec 30)
- Re: Fix for HP-UX automountd/autofs exploit (fwd) LaMont Jones (Dec 31)
- vibackup.sh Loneguard (Dec 31)
- More info on MS99-061 (IIS escape character vulnerability) .rain.forest.puppy. (Dec 29)
- Follow UP AltaVista rudi carell (Dec 30)
- Re: majordomo local exploit Brock Sides (Dec 29)