Re: Security Info (root broken)

Neil Woods (neil@legless.demon.co.uk)
Fri, 30 Sep 1994 00:53:45 +0100 (GMT+0100)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Karl Strickland: "Re: Various resources"
Previous message: Mike O'Connor: "Re: Security Info (root broken) (fwd)"
In reply to: Pug: "Re: Security Info (root broken)"
Next in thread: Mark: "Re: Security Info (root broken)"

> 
> >     P> Did you happen to install the following, in particular 101436-02?
> >     P> Solaris 1.1.1 Patches Containing Security Fixes:
> >     P> ------------------------------------------------
> >     P> 101436-02   SunOS 4.1.3_U1: bin/mail jumbo patch
> > This is the patch which made the race condition *easier* to exploit
> > than it was in the unpatched version.
> 
> Yes, and after getting another copy of the exploit script, it's been
> pointed out that the race condition can write to ANY file.
> 
> Btw, does anyone know if there is a similar race condition on Solaris
> 2.x?
> 

Yes this is the case, judging from trace output I've seen.

Cheers,

Neil

-- 
Bull in the Heather, Me and My Charms, The Lights, Sensual World, Go, Ritual,
Handsome and Gretel, Take Me, Blue Room, Drunken Butterfly, She's Lost Control.

        ...like a badger with an afro throwing sparklers at the Pope...

Next message: Karl Strickland: "Re: Various resources"
Previous message: Mike O'Connor: "Re: Security Info (root broken) (fwd)"
In reply to: Pug: "Re: Security Info (root broken)"
Next in thread: Mark: "Re: Security Info (root broken)"