Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Screen local compromise
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Thu, 7 Sep 2000 09:39:09 -0400

On Wed, 06 Sep 2000 18:28:58 +0200, Paul Starzetz <paul () STARZETZ DE>  said:
it seems that Aix 4.2.x with screen 3.08.06beta (FAU) 18-Dec-96 is still
vulnerable :-)

-rwsr-xr-x   1 root     system    396529 Jan 29 1997
/usr/local/bin/screen-3.8.6

Note that this is *NOT* an AIX issue, as neither screen nor any sort of
/usr/local directory tree is shipped as part of AIX 4.2 or 4.3.  The
sysadmin who installed screen needs to upgrade it to a non-vulnerable
version.
--
                                Valdis Kletnieks
                                Operating Systems Analyst
                                Virginia Tech

Attachment: _bin
Description:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault