On Mon, 18 Nov 1996, Jeremy Elson wrote:
> I have found what I believe is a very serious security hole in the
> gethostbyname() function provided in the nsl library of Solaris 2.5 and
> 2.5.1. The hole allows local users to gain access to a root shell
> (exploit program provided below). There is a good chance this exploit can
> be modified to allow a remote attack, but such a method has not yet been
> found.
After doing some playing around, it looks like this only affects machines
with patch level 103615-01 and up. Try backing out of that patch and it
should fix the problem.
**************************************************************************
Craig Raskin, raskin_at_aoml.noaa.gov "A competent and self-confident person
Unix System Administrator is incapable of jealousy in anything.
U.S. Dept. Of Commerce Jealousy is invariably a symptom of
NOAA/AOML, Miami Fl. neurotic insecurity." -- Heinlein
Received on Nov 18 1996
Intro
