Bugtraq
mailing list archives
Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995
From: Ian_MacPhedran () dvinci usask ca (Ian MacPhedran)
Date: Wed, 20 Sep 1995 18:25:14 -0600
On Tue, 19 Sep 1995, Goetz von Escher wrote:
> On Sep 19, 4:33pm, Sten Gunterberg wrote:
>> There's no patch yet, but Sun is apparently working on one. The Bug-IDs
>> are 1219835 for Solaris 1.x (SunOS 4.x) and 1220257 for Solaris 2.x.
>> Try to give those to local Sun support and see what happens :-)
>
> Solaris 2.x ??? - I thought this is a BSD problem? Are you telling
> me that *all* my Solaris boxes are vulnerable too?

As well as those from other vendors. This is not strictly a Sun problem.

>> Also local Sun support told me that the patch for Bug 1219835 has been
>> integrated into SunOS 4.1.4 and there probably won't be a patch for
>> older versions! Here's the bug info they sent me:
>>
>> Bug Id: 1219835
>> Product: sunos
>> Category: utility
>> Subcategory: other
>> Release summary: 4.1.3, 4.1.4, 4.1.3_U1, 4.1
>> Bug/Rfe: bug
>> State: integrated

Here's the latest header on that bug report:

Bug Id: 1219835
Category: utility
Subcategory: other
State: fixed
Release summary: 4.1.3_U1, 4.1.4, 4.1.3, no-v4, 4.1, 5.4, 5.3
Synopsis: Syslog(3) can be abused to gain root access on 4.X systems
Integrated in releases:
Patch id:
Description:

Note that there are _NO_ entries for "integrated in releases" nor "patch
id".

> But now I'm really getting confused when I read the mail by Andy Cowley
> who said:
>
> On Sep 19, 4:17pm, andy () btc uwe ac uk wrote:
>> - Is Sun working on a patch?
>> ...
>> patches are available to existing fault call owners. If the problem
>> is severe for you persuade Sun to send them. They are :-
>>
>> 4.1.3_U1 domestic libc = T101759-04
>> 4.1.3_U1 international libc = T101558-07
>> 4.1.4 domestic libc = T102544-03
>> 4.1.4 international libc = T102545-03
>>
>> These are betas and Sun will expect testing and a report.
>
> So why would there be a test patch for SunOS 4.1.4 if it was fixed
> in that release? I guess one of you guys is wrong.

Your local Sun person was probably wrong. Have them recheck their
information. Note that there is mention of a patch (100909) in bug report
1219835 which is thought to have fixed this which would have been
included in 4.1.3_U1, and 4.1.4. However, it appears that this may not be
the case.
Ian.
----------------------------------------------------------------------------
Ian MacPhedran, Engineering Computer Centre, 2B13 Engineering Building,
University of Saskatchewan, 57 Campus Drive, Saskatoon SK S7N 5A9, CANADA
Phone: (306)966-4832 Fax: (306)966-5205 Email: Ian_MacPhedran () engr USask CA