a security hole at the solaris/aix - 未名空间MITBBS历史存档

国际科技财经博客移民网络热点娱乐民生时事公众号

Redian新闻

>未名空间

>Unix - 噫吁兮，危乎高哉

a security hole at the solaris/aix

a security hole at the solaris/aix# Unix - 噫吁兮，危乎高哉

e*m2003-04-01 08:04

1 楼

You could now easily get the root password as long as you have a n account
It might work on linux as well whcih I yet not test.
It is using the buffer overflow!
I just an not belive that solaris/aix gus still have this kind of scurity hole!!!
Sigh, ask you administrator to fix this hole imediately .
surely, you could chnge you yourself to root at first.
echo '82 43/25 43+65P80P82P73P76P32P70P79P79P76P10P' | dc
you now is the root!
godd luck.

m*e2003-04-01 08:04

2 楼

Maybe just your system is broken.
dc is not setuid root so it cannot work.

【在 e****m 的大作中提到】

: You could now easily get the root password as long as you have a n account
: It might work on linux as well whcih I yet not test.
: It is using the buffer overflow!
: I just an not belive that solaris/aix gus still have this kind of scurity hole!!!
: Sigh, ask you administrator to fix this hole imediately .
: surely, you could chnge you yourself to root at first.
: echo '82 43/25 43+65P80P82P73P76P32P70P79P79P76P10P' | dc
: you now is the root!
: godd luck.

e*m2003-04-01 08:04

3 楼

Why not ctry it.
That would tell you all
you could also google it.
A defect upon it.

【在 m*****e 的大作中提到】

: Maybe just your system is broken.
: dc is not setuid root so it cannot work.

e*m2003-04-01 08:04

4 楼

You would find it out really a problem
Isn't it?

【在 m*****e 的大作中提到】

: Maybe just your system is broken.
: dc is not setuid root so it cannot work.