Vulnerability Development mailing list archives

Re: volcheck and sol 8

From: mariusb () NETVISION NET IL (Marius Banica)
Date: Thu, 20 Jul 2000 22:50:02 +0200


hi there goto /etc/rc3.d/ and delete SXXvolmgmt
reboot the machine that's all,

Or execute this "/etc/rc3.d/Sxxvolmgnt stop"

_______________________________________________________

Marius .R. Banica

NetVision Security Department & Corporate WAN department

http://www.NetVision.net.il
NetVision is the leading Israeli ISP Tel: 972-4-8560600
Internet Service Provider Fax: 972-4-8550345
TeleSales: sales () netvision net il 972-4-8560560
WAN Support: wan () NetVision net il 972-4-8560550

Extension #329
Cellular Phone: 051-675413
Email: mariusb () netvision net il

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGPfreeware 6.0.2i

mQGiBDiVWmgRBADSyDjYwidVPQA6DHLV6I8ctubvx0YN9k3XojSwgZb/TGAJz1F1
5c0Vt0P6WbMWlyT3s9PbDuj3vWy5jbcrbur7R9I9Bb06E9Zf+VYNkxaiW9TJMZdY
Dy9XikfMwt3rAQ60a4LCPdMnTrsEyNTwshXwDgDtOfz7R38sZ5o6E5Ct3QCg/2L1
lnYzSgYhrF2CokxR7gzeFBsEAJPg7d1R2+2S/7by18Vzcn6cbrpSwaXCVpi+Tnvy
57pXm4y3pVXeQYeuyR54gtFWqcQ88GqMcE3Zk9byyHVuBY4DkMYF1cCwxrLInUfB
eZmjUZhajHfA6ObsZGcQA6vqq1DWp5xnqLy+8go5L/EkzbJtywzgSnCscq7waIXh
8EKDBADHVj74kLRY/VbSx0EQ7rsg1curqKLRVMF31xdrr7+dUmofdN47bjXLCubh
ov35lPyfBRUUvrULTYzIiva0BHtSjJgwu/IFuMKkh+UTcF37tdQWdR4tnJrIJYIQ
a/fjnLLT7Vh0wJUIjlj0XLh4EmvqmWp1lT9Ma93zDG/7v1RvgrQvTWFyaXVzIFJv
bGFuZCBCYW5pY2EgPG1hcml1c2JAbmV0dmlzaW9uLm5ldC5pbD6JAEsEEBECAAsF
AjiVWmgECwMCAQAKCRA1cMBG75huNQBNAKC50PpKIKEtlnDA9uPQmcq+j6FEbACf
ScObO4fLc4dg+DEnVp3i8VqD5a6JAEYEEBECAAYFAjiVrb0ACgkQcfn8+rgONhIl
DgCePPXlA5R4/LNe2eCE+fWimPVjZc4AoLrwsE3c21lXP3dLqFwUGDRvyhWDuQMN
BDiVWmgQDADMHXdXJDhK4sTw6I4TZ5dOkhNh9tvrJQ4X/faY98h8ebByHTh1+/bB
c8SDESYrQ2DD4+jWCv2hKCYLrqmus2UPogBTAaB81qujEh76DyrOH3SET8rzF/Ok
QOnX0ne2Qi0CNsEmy2henXyYCQqNfi3t5F159dSST5sYjvwqp0t8MvZCV7cIfwgX
cqK61qlC8wXo+VMROU+28W65Szgg2gGnVqMU6Y9AVfPQB8bLQ6mUrfdMZIZJ+AyD
vWXpF9Sh01D49Vlf3HZSTz09jdvOmeFXklnN/biudE/F/Ha8g8VHMGHOfMlm/xX5
u/2RXscBqtNbno2gpXI61Brwv0YAWCvl9Ij9WE5J280gtJ3kkQc2azNsOA1FHQ98
iLMcfFstjvbzySPAQ/ClWxiNjrtVjLhdONM0/XwXV0OjHRhs3jMhLLUq/zzhsSlA
GBGNfISnCnLWhsQDGcgHKXrKlQzZlp+r0ApQmwJG0wg9ZqRdQZ+cfL2JSyIZJrqr
ol7DVelMMm8AAgIL/0sWbAnzB9beH8ya8byKZ2NsqBbfEMhmV2qKL/1cnTocv7Sm
VJJvZCV/wiDjmie+c8pEUu1oSRmvcABQ7zL9j00xUgZxp2pvFWHu9c1yxeOu1Y63
JBLhZrsXdV8yslFW2RVtECdjcbvKVpyOEqNOIiv4zEryCLXMXdGIh5H5v5T+PLOZ
iM915aUvVL7yn3sipwJ+2T5BfJbCWLFYkjqZ6q/968ykDhs9tRfxUu6Yzu5bXCOC
FD7PDIb/kxIXoBuOdOpqYVKVZJAAWS2EO6qpbQJqavFMY86iQg1CumIXk5NVlZve
qUomtiJoYjxZ3YHVV0g8SSr1duNwK33TQarWNTxvF1EmJ6sHg9ALntVQvfeu0/ED
kTnzLYOOIDY8N0c/RgGqpMP887a+JGar+V+WhdhCEp/42J1ofSMoHHNdLJbIOtxi
CtBvWld41Bgg3RXL1N4IvJKMb12wlEZ9Q/c9fTtwZtGfAhNjqMicGG8kiJY0NfCN
iMmm23ZZNiY4U5kVEIkARgQYEQIABgUCOJVaaAAKCRA1cMBG75huNSxBAKC7ATYe
cQHiecLMKGTLVtTH0YE1rgCeODPcJG82pwD1b7tEBoVAMFGO6gM=
=almn
-----END PGP PUBLIC KEY BLOCK-----
_______________________________________________________

-----Original Message-----
From: Matthew Potter [mailto:mpotter () ATPCO COM]
Sent: Tuesday, July 18, 2000 7:36 PM
To: VULN-DEV () SECURITYFOCUS COM
Subject: volcheck and sol 8

Anyone notice when they insert their goodies CD(the one with the GNU Tools)
from Solaris 8 that it auto runs a script called volstart.

So what happens if I make my own CD with a little shell script which calls
a prebuilt binary with a setuid and setgid 0 , then system("/bin/sh")....
or what ever i want. THis is DEFAULT behavior. I am sure you would disable
it from running in vold.conf.

It's silly since i have physical access anyways....

matt

Current thread:

Re: volcheck and sol 8 Dimitry Andric (Jul 20)
- <Possible follow-ups>
- Re: volcheck and sol 8 Michel Arboi (Jul 20)
  - Re: volcheck and sol 8 Matthew Potter (Jul 20)
- Re: volcheck and sol 8 Marius Banica (Jul 20)
- Re: volcheck and sol 8 Jeffrey Karpenko (Jul 21)
- Re: volcheck and sol 8 Havens, Peter (Jul 21)
- Re: volcheck and sol 8 Michel Arboi (Jul 21)
  - Re: volcheck and sol 8 Sarel J. Botha (Jul 23)
  - Re: volcheck and sol 8 Brian Scanlan (Jul 24)