Date: Sun, 17 Nov 1996 10:31:55 -0600 (CST)
From: Justen Stepka <raistlin@chaos.ecpnet.com>
To: Will Brown <ewb@zns.net>
Cc: freebsd-security@freebsd.org
Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
Message-ID: <Pine.LNX.3.93.961117103039.2324A-100000@chaos.ecpnet.com>
In-Reply-To: <199611171551.KAA09581@selway.i.com>

On Sun, 17 Nov 1996, Will Brown wrote:

> FYI: The exploit fails on Solaris 2.5. Works on FreeBSD 2.1.5. On
> Solaris, /tmp/sh is created (r-sr-sr--) but executing it does not give
> root privilege. Assume this is due to restrictions in Solaris on
> executing setuid root programs outside of certain directories? Perhaps
> that defense can be easily overcome, or is it a good last line of
> defense? Why not a similar defense in FreeBSD?
>
> My apologies if this has been hashed over already.
>
> Obviously not good in any case.
>
> --
> Will Brown
>

Thing is that the new FreeBSD is patched for this and it won't work. I'm
sure that 2.2-SNAP has the fix but I haven't tested it. I know that
3.0-Current is patched and that's what's important for me :)

------------------------------------------------------------------------------
Justen Stepka         | http://www.ecpnet.com/~raistlin
Network Administrator | "This space for rent"
raistlin@ecpnet.com   | 3.0-CURRENT FreeBSD 3.0-CURRENT
------------------------------------------------------------------------------