Bugtraq: xnews and XDM

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

xnews and XDM

From: hartmans () bga com (Sam Hartman)
Date: Wed, 20 Jul 1994 19:52:18 -0500


        AIX has a similar hole.  The DPS server can be entered by
/usr/lpp/DPS/bin/dpsexec.  Since X runs as root, you can then open and
write to any root owned file.

        I haven't bothered to write an exploit script, but I did try
running /etc/security/passwd, and I got a root: UndefinedCommand
error.

        Someone opened a bug against this inside IBM--I forget who,
but to my knowledge, know action has been taken.

--Sam

By Date By Thread

Current thread:

xnews and XDM Sam Hartman (Jul 20)
- Re: xnews and XDM Vatsal P. Sonecha (Jul 20)
  - xnews and XDM Sam Hartman (Jul 21)
- /etc/subnetconfig Aleph One (Jul 20)
- xnews and XDM Sam Hartman (Jul 21)
- Possible Ultrix issue A. Rich (Jul 21)