Bugtraq: Re: Solaris 2.5.1 party piece

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Solaris 2.5.1 party piece

From: jgross () UIUC EDU (Joe Gross)
Date: Fri, 20 Jun 1997 21:38:23 -0500


On Fri, Jun 20, 1997 at 02:26:27PM +0200, Bojan Zdrnja wrote:


Also didn't work on my Solaris 2.5.1, but on Solaris 2.4 it works!


I just tried it on a freshly installed, fully patched 2.5.1 system and this
attack does indeed work.

If you change the "lo0" to "le0" or "hme0" (depending on your interface
names) it will work like a charm.

This also works with rexecd.

The 2.6 machine I tried it on is not vulnerable.

--
Joe Gross        | CCSO Unix Systems Engineer - University of Illinois UC
jgross () uiuc edu  | finger for pgp public key

By Date By Thread

Current thread:

Re: http://www.news.com/News/Item/0,4,11759,00.html, (continued)
- Re: Netscape Admin Servers /tmp/deamonstat Corinne Posse (Jun 17)
  - Re: Netscape Admin Servers /tmp/deamonstat Valdis.Kletnieks () VT EDU (Jun 18)
    - Re: your mail J. Joseph Max Katz (Jun 18)
    - Re: your mail yeti (Jun 19)
    - WE FOUND IT! (fwd) Jason R Mastaler (Jun 18)