Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq: Re: Solaris 7 x86 lpset exploit.

Re: Solaris 7 x86 lpset exploit.

From: Andrew Brown <atatat_at_ATATDOT.NET>
Date: Wed, 26 Apr 2000 15:51:19 -0400

>>There is a sparc version avail for this bug, the bug was discovered by
>>duke some time ago.

just for people who don't know...or have forgotten...putting this:

set noexec_user_stack = 1
set noexec_user_stack_log = 1

in your /etc/system file protects you against this. it doesn't fix
the bug, but it stops the effects from being quite so "bad".

--
|-----< "CODE WARRIOR" >-----|
codewarrior_at_daemon.org             * "ah!  i see you have the internet
twofsonet_at_graffiti.com (Andrew Brown)                that goes *ping*!"
andrew_at_crossbar.com       * "information is power -- share the wealth."

Received on Apr 26 2000

This message: [ Message body ]
Next message: Mariusz Woloszyn: "Re: man-exploit for MANPAGER environment..."
Previous message: Casper Dik: "Re: Solaris Sparc 2.6 & 7 lp/lpset/lpstat root compromise exploit"
In reply to: Laurent LEVIER: "Re: Solaris 7 x86 lpset exploit."
Next in thread: Len Rose: "Re: Solaris 7 x86 lpset exploit."
Reply: Len Rose: "Re: Solaris 7 x86 lpset exploit."
Reply: Eugene Ilchenko: "Re: Solaris 7 x86 lpset exploit."
Reply: Iván Arce: "Modifying NT credential and RAZOR's analysis of dvwsrr.dll"
Reply: Keith Woodworth: "Cisco HTTP possible bug:"
Reply: Cerberus Security Team: "Alert: Cart32 secret password backdoor (CISADV000427)"
Reply: Jor: "Re: Solaris 7 x86 lpset exploit."

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]