Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq: Re: Serious hole in Solaris 2.5[.1] gethostbyname() (exploit

Re: Serious hole in Solaris 2.5[.1] gethostbyname() (exploit

From: Russell Street <r.street_at_AUCKLAND.AC.NZ>
Date: Tue, 19 Nov 1996 16:01:27 +1300

> After doing some playing around, it looks like this only affects machines
> with patch level 103615-01 and up. Try backing out of that patch and it
> should fix the problem.

I have a 2.5 machines (SS4, SS10) that is vunerable. It has no patches at
all installed.

The exploit does not work on my 2.5.1 Ultra-1. Presumably this is
just a matter of getting the machine code right for the platform. ;)

Russell
----
Russell Street <r.street_at_auckland.ac.nz> Is it really Wednesday today?
Received on Nov 18 1996

This message: [ Message body ]
Next message: Mike Battersby: "Re: Serious hole in Solaris 2.5[.1] gethostbyname() (exploit"
Previous message: Paul B. Henson: "Re: Serious hole in Solaris 2.5[.1] gethostbyname() (exploit"
In reply to: Craig Raskin: "Re: Serious hole in Solaris 2.5[.1] gethostbyname() (exploit"
Next in thread: Mike Battersby: "Re: Serious hole in Solaris 2.5[.1] gethostbyname() (exploit"
Reply: Mike Battersby: "Re: Serious hole in Solaris 2.5[.1] gethostbyname() (exploit"
Reply: Oliver Friedrichs: "Serious BIND resolver problem."
Reply: jaeger: "Futile rexecd holes"
Reply: Alan Cox: "Re: Serious hole in Solaris 2.5[.1] gethostbyname() (exploit"
Reply: Aleph One: "ssh w/ solaris 2.5.[1]"
Reply: Todd Vierling: "ALERT: Solaris 2.5.1 locks up on TCP connections in Pine 3.9x"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]