Home page logo

bugtraq logo Bugtraq mailing list archives

Local root compromise in GNQS 3.50.6 and 3.50.7
From: philippe_andersson () STE SCITEX COM (Philippe Andersson)
Date: Wed, 22 Mar 2000 13:50:04 +0100

A large security hole was uncovered last month in Generic-NQS ver.
3.50.6 and 3.50.7. This hole leads to immediate local root compromise.

All users of those versions are requested to upgrade to ver. 3.50.8 or
later ASAP. The updated package can be downloaded from
(Please note that versions as of 3.50.8 fail to compile on HP-UX 11.00 -
a fix for this platform should be released later this week).

Users of previous versions are not vulnerable. The fix introduced in
ver. 3.50.8 will also log any attempt at exploiting the vulnerability.

On the request of GNQS Maintainer, Stuart Herbert
<S.Herbert () sheffield ac uk>, I'm not releasing the actual exploit
technique, since it would allow any 5-year old with an shell account on
the affected system(s) to gain root in no time.

For more information about Generic-NQS, please check

Credit for the discovery goes to Gilbert Mets, Unix System Manager @
Scitex Europe, S.A.

Have a nice day.

Ph. A.



   /* Scitex Europe, S.A.      | Philippe Andersson                   */
   /* Dreve Richelle, 161, E-F,| PC & Network Specialist              */
   /* 1410 WATERLOO            | philippe_andersson () ste scitex com    */
   /* BELGIUM                  | +32-2-352.25.93 Fax: +32-2-352.25.84 */

<LI>text/x-vcard attachment: Card for Philippe Andersson

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]