Vulnerability Development: volcheck and sol 8

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

volcheck and sol 8

From: mpotter () ATPCO COM (Matthew Potter)
Date: Tue, 18 Jul 2000 13:35:56 -0400


Anyone notice when they insert their goodies CD(the one with the GNU Tools)
from Solaris 8 that it auto runs a script called volstart.

So what happens if I make my own CD with a little shell script which calls
a prebuilt binary with a setuid and setgid 0 , then system("/bin/sh")....
or what ever i want. THis is DEFAULT behavior. I am sure you would disable
it from running in vold.conf.

It's silly since i have physical access anyways....

matt

By Date By Thread

Current thread:

Re: Nokia 7110 Wap Browser Hole Tink (Jun 20)
- <Possible follow-ups>
- Re: Nokia 7110 Wap Browser Hole Kristjan Kristinsson (Jul 17)
  - volcheck and sol 8 Matthew Potter (Jul 18)
  - Re: Nokia 7110 Wap Browser Hole Ralph Moonen (Jul 18)
  - Re: Nokia 7110 Wap Browser Hole Bluefish (Jul 18)
    - Re: Nokia 7110 Wap Browser Hole Juan M. Courcoul (Jul 20)
    - Re: Nokia 7110 Wap Browser Hole Tin Le (Jul 20)
    - Re: Nokia 7110 Wap Browser Hole Bojan Zdrnja (Jul 21)