Re: [Hackerslab bug_paper] Solaris chkperm buffer overflow

Subject: Re: [Hackerslab bug_paper] Solaris chkperm buffer overflow
From: Darren Reed (avalonCOOMBS.ANU.EDU.AU)
Date: Thu Jan 06 2000 - 17:06:31 CST

• Next message: ckRIB.DE: "Re: Hotmail security hole - injecting JavaScript using <IMG"
• Previous message: swlodinIQUEST.NET: "PalmCrack - The password testing tool for the Palm Computing Platform"
• In reply to: ±è¿ëÁØ KimYongJun (99Á¹¾÷): "[Hackerslab bug_paper] Solaris chkperm buffer overflow"
• Reply: Darren Reed: "Re: [Hackerslab bug_paper] Solaris chkperm buffer overflow"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In some mail from "±è¿ëÁØ KimYongJun (99Á¹¾÷)", sie said:
>
> [Hackerslab bug_paper] Solaris chkperm buffer overflow
>
>
> File : /usr/vmsys/bin/chkperm
>
> SYSTEM : Solaris 2.x

How amusing.

On of my Solaris7 box's (incidently was pre-installed by Sun) doesn't
appear to have SUNWfac installed. Those that I did myself (complete
OS install) do.

Seems you might be able to do a "pkgrm SUNWfac" and just delete it unless
you actually make use of it.

% grep chkperm /var/sadm/install/contents
/usr/vmsys/bin/chkperm f none 6755 bin bin 10080 40420 904647701 SUNWfac
% pkginfo SUNWfac
system SUNWfac Framed Access Command Environment

Darren

• Next message: ckRIB.DE: "Re: Hotmail security hole - injecting JavaScript using <IMG"
• Previous message: swlodinIQUEST.NET: "PalmCrack - The password testing tool for the Palm Computing Platform"
• In reply to: ±è¿ëÁØ KimYongJun (99Á¹¾÷): "[Hackerslab bug_paper] Solaris chkperm buffer overflow"
• Reply: Darren Reed: "Re: [Hackerslab bug_paper] Solaris chkperm buffer overflow"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b27 : Fri Jan 07 2000 - 12:38:02 CST