Bugtraq mailing list archives
Re: IRIX midikeys root exploit.
From: torkel () HPC2N UMU SE (Björn Torkelsson)
Date: Fri, 21 May 1999 08:55:01 +0200
Erik Mouw <J.A.K.Mouw () ITS TUDELFT NL> writes:
I have tested this on 2 IRIX 6.5 hosts with success. A patch exists for startmidi and stopmidi buffer overflows.Verified to work on an O2 running IRIX 6.3: uname -aR IRIX o2 6.3 O2 R10000 12161207 IP32 And on an Octane running IRIX 6.5.3: uname -aR IRIX64 octane 6.5 6.5.3m 01221553 IP30
Verified to work on an O2 running IRIX 6.5.3. After a chmod u-s midikeys, midikeys still works, at least after a very quick test. Does anybody know why midikeys is setuid root? Is this reported to SGI? /torkel
Current thread:
- IRIX midikeys root exploit. Larry W. Cashdollar (May 19)
- <Possible follow-ups>
- Re: IRIX midikeys root exploit. Erik Mouw (May 20)
- Re: IRIX midikeys root exploit. Philipp Schott (May 20)
- Re: IRIX midikeys root exploit. Björn Torkelsson (May 20)
- Re: IRIX midikeys root exploit. Steve Allen (May 21)