Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Solaris 2.x utmp hole - Notify CERT?
From: Dan_Thorson () notes seagate com (Dan Thorson )
Date: 18 May 95 12:49:33 EDT

The following is somewhat of a security hole in Solaris 2.x which
allows any non-root user to remove themselves from /var/adm/utmp[x]
files (who, w, finger, etc).
I tried this under Solaris 2.4 on an Intel box.  It worked.
Anyone think a CERT advisory should be issued for this??
I do.  Evasive maneuvers are the start to serious cracking.... the
"feature" should be removed from the OS, and an advisory is a good
way to post a red flag in Sun's to-do list

my opinion anyway.


  By Date           By Thread  

Current thread:
  • Re: Solaris 2.x utmp hole - Notify CERT? Dan Thorson (May 18)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]