Bugtraq: Re: Solaris 7 x86 lpset exploit.

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Solaris 7 x86 lpset exploit.

From: len () NETSYS COM (Len Rose)
Date: Wed, 26 Apr 2000 21:01:49 -0400


But it still breaks JRE/JDK (unless that was fixed when I wasn't paying
attention)

On Wed, Apr 26, 2000 at 03:51:19PM -0400, Andrew Brown wrote:

just for people who don't know...or have forgotten...putting this:

   set noexec_user_stack = 1
   set noexec_user_stack_log = 1

in your /etc/system file protects you against this.  it doesn't fix
the bug, but it stops the effects from being quite so "bad".

By Date By Thread

Current thread:

Solaris 7 x86 lpset exploit., (continued)
- Solaris 7 x86 lpset exploit. Theodor Ragnar Gislason (Apr 24)
  - Re: Solaris 7 x86 lpset exploit. Laurent LEVIER (Apr 24)
    - Re: Solaris 7 x86 lpset exploit. Theodor Ragnar Gislason (Apr 25)
    - Re: Solaris 7 x86 lpset exploit. Andrew Brown (Apr 26)
    - Modifying NT credential and RAZOR's analysis of dvwsrr.dll Iván Arce (Apr 26)
    - Re: Solaris 7 x86 lpset exploit. Len Rose (Apr 26)
    - Re: Solaris 7 x86 lpset exploit. Eugene Ilchenko (Apr 26)
    - Cisco HTTP possible bug: Keith Woodworth (Apr 26)
    - Alert: Cart32 secret password backdoor (CISADV000427) Cerberus Security Team (Apr 26)
    - Re: Alert: Cart32 secret password backdoor (CISADV000427) Bill Borton (Apr 28)
    - Re: Alert: Cart32 secret password backdoor (CISADV000427) Knud Erik Højgaard (Mar 30)