xnews and XDM

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Vatsal P. Sonecha: "Re: xnews and XDM"
• Previous message: dan: "Possible Ultrix issue"
• Next in thread: Vatsal P. Sonecha: "Re: xnews and XDM"

	AIX has a similar hole.  The DPS server can be entered by
/usr/lpp/DPS/bin/dpsexec.  Since X runs as root, you can then open and
write to any root owned file.

	I haven't bothered to write an exploit script, but I did try
running /etc/security/passwd, and I got a root: UndefinedCommand
error.

	Someone opened a bug against this inside IBM--I forget who,
but to my knowledge, know action has been taken.

--Sam

• Next message: Vatsal P. Sonecha: "Re: xnews and XDM"
• Previous message: dan: "Possible Ultrix issue"
• Next in thread: Vatsal P. Sonecha: "Re: xnews and XDM"