Bugtraq mailing list archives
ufsdump problem under Solaris 2.6 with ufs.c
From: fury () NEXXUS NET (posix)
Date: Mon, 27 Sep 1999 14:59:49 -0700
A while ago somebody posted source for an exploit using ufsdump under Solaris 2.x. ( ufs.c ) I checked out Sun's site and looked for which patches were released to correct this problem. All of them appear to be for Solaris 2.5.1. We have applied the latest cluster patch on this new box ( 2.6_Recommended.tar Sep 15/99 ) ( after a fresh install of Solaris ), yet ufsdump still is exploitable on this system. Was there a patch to fix this problem under 2.6? ( other than turning off the setUID bit ) Many thanx in advance... ---- Richard Stride "Fear conquers understanding. Understanding conquers fear"
Current thread:
- [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Marc SPARC (Sep 23)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Tymm Twillman (Sep 26)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Solar Designer (Sep 27)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Dan Astoorian (Sep 27)
- ufsdump problem under Solaris 2.6 with ufs.c posix (Sep 27)
- Re: ufsdump problem under Solaris 2.6 with ufs.c Carson Gaspar (Sep 29)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Sean-Paul Rees (Sep 27)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Valdis.Kletnieks () VT EDU (Sep 27)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Alan Cox (Sep 28)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Mike Iglesias (Sep 28)
- Team Asylum: iHTML Merchant Vulnerabilities Team Asylum (Sep 28)
- Team Asylum: Yahoo! Messenger DoS Team Asylum (Sep 28)
- Sun's TTSESSION Vulnerability Bauer, Rich (Sep 29)
- Re: Sun's TTSESSION Vulnerability Richard L. Goerwitz (Sep 29)
- WWWBoard Elias Levy (Sep 29)
- ufsdump problem under Solaris 2.6 with ufs.c posix (Sep 27)
(Thread continues...)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Tymm Twillman (Sep 26)