Date: Sun, 17 Nov 1996 10:51:03 -0500 (EST) From: Will Brown <ewb@zns.net> To: freebsd-security@freebsd.org Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Message-ID: <199611171551.KAA09581@selway.i.com>
next in thread | raw e-mail | index | archive | help
FYI: The exploit fails on Solaris 2.5. Works on FreeBSD 2.1.5. On Solaris, /tmp/sh is created (r-sr-sr--) but executing it does not give root privilege. Assume this is due to restrictions in Solaris on executing setuid root programs outside of certain directories? Perhaps that defense can be easily overcome, or is it a good last line of defense? Why not a similar defense in FreeBSD? My apologies if this has been hashed over already. Obviously not good in any case. -- Will Brown
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199611171551.KAA09581>