[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAoCvNsEMfE0ClpoD8BfPb3uKFAAAQAAAACCtU2Shu6kOYrR2vFkbA4QEAAAAA@gmail.com>
Date: Wed Jun 29 01:04:48 2005
From: charles.heselton at gmail.com (Charles Heselton)
Subject: Solaris 9/10 ld.so fun
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I did the same. Patchrm-ed 112963-19 to -12. It still works for me.
Uname -a :
SunOS cf-node000 5.9 Generic_118558-09 sun4u sparc SUNW,Ultra-1
- --
- - Charlie
5A27 58D2 C791 8769 D4A4 F316 7BF8 D1F6 4829 EDCF
> -----Original Message-----
> From: full-disclosure-bounces@...ts.grok.org.uk
> [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf
> Of Piotr KUCHARSKI
> Sent: Tuesday, June 28, 2005 10:49 AM
> To: Przemyslaw Frasunek
> Cc: full-disclosure@...ts.grok.org.uk; bugtraq@...urityfocus.com
> Subject: Re: [Full-disclosure] Solaris 9/10 ld.so fun
>
> On Tue, Jun 28, 2005 at 06:17:02PM +0200, Przemyslaw Frasunek
> wrote:
> > This vulnerability was introduced by one of the recent
> patches for Solaris 9,
> > possibly 112963. Ld.so patched with 112963-08 is not
> vulnerable -- it does
> > not allow LD_AUDIT for set[ug]id binaries, but upgrading to
> 112963-16
> > definitly makes ld.so exploitable.
>
> Just patchrm-ed 112963-19 to -12, it is not working anymore.
>
> p.
>
> --
> Beware of he who would deny you access to information, for in his
> heart he dreams himself your master. -- Commissioner Pravin Lal
> http://nerdquiz.sgh.waw.pl/ -- polska wersja quizu dla nerd?w ;)
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
iQA/AwUBQsHll3v40fZIKe3PEQJzqACdEeusRDtTHQUjoZR0UR4MGl5LFccAnA+y
XW7ELeMG8WK7klz/86f83scB
=/+QX
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists