Bugtraq: Re: Solaris 7 x86 lpset exploit.

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Solaris 7 x86 lpset exploit.

From: atatat () ATATDOT NET (Andrew Brown)
Date: Wed, 26 Apr 2000 15:51:19 -0400

There is a sparc version avail for this bug, the bug was discovered by
duke some time ago.


just for people who don't know...or have forgotten...putting this:

   set noexec_user_stack = 1
   set noexec_user_stack_log = 1

in your /etc/system file protects you against this.  it doesn't fix
the bug, but it stops the effects from being quite so "bad".

--
|-----< "CODE WARRIOR" >-----|
codewarrior () daemon org             * "ah!  i see you have the internet
twofsonet () graffiti com (Andrew Brown)                that goes *ping*!"
andrew () crossbar com       * "information is power -- share the wealth."

By Date By Thread

Current thread:

Re: Solaris 7 x86 lp exploit, (continued)
- Re: netkill - generic remote DoS attack stanislav shalunov (Apr 24)
- Solaris 7 x86 lpset exploit. Theodor Ragnar Gislason (Apr 24)
  - Re: Solaris 7 x86 lpset exploit. Laurent LEVIER (Apr 24)
    - Re: Solaris 7 x86 lpset exploit. Theodor Ragnar Gislason (Apr 25)
    - Re: Solaris 7 x86 lpset exploit. Andrew Brown (Apr 26)
    - Modifying NT credential and RAZOR's analysis of dvwsrr.dll Iván Arce (Apr 26)
    - Re: Solaris 7 x86 lpset exploit. Len Rose (Apr 26)
    - Re: Solaris 7 x86 lpset exploit. Eugene Ilchenko (Apr 26)
    - Cisco HTTP possible bug: Keith Woodworth (Apr 26)
    - Alert: Cart32 secret password backdoor (CISADV000427) Cerberus Security Team (Apr 26)