Re: Security Info (root broken)

Pug (pug@arlut.utexas.edu)
Thu, 29 Sep 1994 14:21:53 -0600 (CDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Timothy Newsham: "Re: Security Info (root broken)"
Previous message: Scott Schwartz: "Re: [cklaus@shadow.net: Re: Security Info (root broken)]"
In reply to: John Ladwig: "Re: Security Info (root broken)"
Next in thread: Neil Woods: "Re: Security Info (root broken)"

>     P> Did you happen to install the following, in particular 101436-02?
>     P> Solaris 1.1.1 Patches Containing Security Fixes:
>     P> ------------------------------------------------
>     P> 101436-02   SunOS 4.1.3_U1: bin/mail jumbo patch
> This is the patch which made the race condition *easier* to exploit
> than it was in the unpatched version.

Yes, and after getting another copy of the exploit script, it's been
pointed out that the race condition can write to ANY file.

Btw, does anyone know if there is a similar race condition on Solaris
2.x?

Ciao,

-- 
Richard Bainter          Mundanely     |    System Analyst        - OMG/CSD
Pug                      Generally     |    Applied Research Labs - U.Texas
          pug@arlut.utexas.edu         |    pug@bga.com
Note: The views may not reflect my employers, or even my own for that matter.

Next message: Timothy Newsham: "Re: Security Info (root broken)"
Previous message: Scott Schwartz: "Re: [cklaus@shadow.net: Re: Security Info (root broken)]"
In reply to: John Ladwig: "Re: Security Info (root broken)"
Next in thread: Neil Woods: "Re: Security Info (root broken)"