Re: IRIX 5.2 Security Advisory

Dave Sill (de5@de5.CTD.ORNL.GOV)
Tue, 9 Aug 1994 11:03:04 -0400

Steve Kotsopoulos wrote:
>
>: There is no way to know if someone has exploited the bug. It's such
>: a quiet little hole that it doesn't leave a mark anywhere. You don't
>: even have to log on to exploit it. That's how bad it is.

Wait a minute, they said the bug could be exploited without logging in?
The original notice said:

]A potential vulnerability has been discovered in the IRIX 5.2 operating
]system which would enable an unprivileged user to become an active
]root user.                                ~~~~

So which is it?

Also, here's one I tried to send out while bugtraq was on hiatus.
/usr/sbin/colorview is setuid root and can be used to read any file on
the system (e.g., /etc/shadow) with the "-text" option.  Affects IRIX
5.2 at least.

-Dave