Unix rdist-popen-gain-privileges: Sept - Tech Support Guy Forums

Search
Search for:

>
Unix rdist-popen-gain-privileges: Sept

Tip: Click here to scan for System Errors and Optimize PC performance
[ Sponsored Link ] Closed Thread

Thread Tools

eddie5659 eddie5659 is offline

eddie5659 is authorized to help remove malware.

Moderator with 20,365 posts.

Join Date: Mar 2001

Location: Bradford, England

08-Oct-2001, 06:53 PM #1

Unix rdist-popen-gain-privileges: Sept

Hiya

I think this is the right place.

usr/ucb/rdist 'popen' allows user to gain root privileges

Many Unix platforms could allow a local attacker to gain root access, caused by a vulnerability in the /usr/ucb/rdist. The rdist uses popen to execute sendmail as root. A local attacker can exploit this vulnerability by modifying the Internal Field Separator (IFS) variable to create setuid root programs

Platforms Affected:
IRIX: All Versions
NeXTSTEP: All Versions
SunOS 4.0.3
SunOS 4.1
SunOS 4.1.1
Unicos: All Versions

http://xforce.iss.net/static/7160.php

Regards

eddie

__________________
Just go with the flow, like a twig on the shoulders of a mighty stream

Weekends I may be busy, so there may be a delay in replies.

THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Smart Search

Find your solution!

« Previous Thread | Linux and Unix | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who want to help you solve your computer problems. See our Welcome Guide to get started.

Thread Tools
Show Printable Version Email this Page

Twitter! | Podcast | Mobile | Advertise