-----BEGIN PGP SIGNED MESSAGE----- Content-Type: text/plain; charset=us-ascii > B U G T R A Q A L E R T bugtraq-alert-081495.01 > [...] > Scott Chasin > chasin@crimelab.com Good job Scott. I tried this attack on /usr/bin/ps and /usr/ucb/ps, and it works on both of them. This makes me think that more than just solaris 2.x machines are vulnerable (depending on the /tmp sticky bit). - -- Michael Dilger Michael.Dilger@Sun.COM ENS, Network Security Group Sun Microsystems, Inc. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMDDSWTY+1VQoRvQxAQETkgQAifsbHZkIfZcyYbJjvbiGRe8hS5eV7ptB MP5UkEGqDztosq7j/fMcOpOjuQBEKHJpplQK2c+CqsYj/nkqRhHsq1GWDjqw7uFJ sIdZ/JOlQ8NwYl0wQQWDTk3YwT05H7E3xwyQE9vpEwOBc1tSr2k4r2HkZDPaOsow KKv5/Aj8d2g= =0rcK -----END PGP SIGNATURE-----