Re: Solaris 2.5.1 party piece

Joe Gross (jgross@UIUC.EDU)
Fri, 20 Jun 1997 21:38:23 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jon Anderson: "Performance problems on Ultra 2"
Previous message: Aleph One: "http://www.news.com/News/Item/0,4,11759,00.html"
Maybe in reply to: Alan Cox: "Solaris 2.5.1 party piece"

On Fri, Jun 20, 1997 at 02:26:27PM +0200, Bojan Zdrnja wrote:
>
> Also didn't work on my Solaris 2.5.1, but on Solaris 2.4 it works!

I just tried it on a freshly installed, fully patched 2.5.1 system and this
attack does indeed work.

If you change the "lo0" to "le0" or "hme0" (depending on your interface
names) it will work like a charm.

This also works with rexecd.

The 2.6 machine I tried it on is not vulnerable.

--
Joe Gross        | CCSO Unix Systems Engineer - University of Illinois UC
jgross@uiuc.edu  | finger for pgp public key

Next message: Jon Anderson: "Performance problems on Ultra 2"
Previous message: Aleph One: "http://www.news.com/News/Item/0,4,11759,00.html"
Maybe in reply to: Alan Cox: "Solaris 2.5.1 party piece"