Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1994_3

Bugtraq archives for 3rd quarter (Jul-Sep) 1994: xnews and XDM

xnews and XDM

Sam Hartman (hartmansbga.com)
Wed, 20 Jul 1994 19:52:18 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Vatsal P. Sonecha: "Re: xnews and XDM"
Previous message: dan: "Possible Ultrix issue"
Next in thread: Vatsal P. Sonecha: "Re: xnews and XDM"

	AIX has a similar hole.  The DPS server can be entered by
/usr/lpp/DPS/bin/dpsexec.  Since X runs as root, you can then open and
write to any root owned file.

	I haven't bothered to write an exploit script, but I did try
running /etc/security/passwd, and I got a root: UndefinedCommand
error.

	Someone opened a bug against this inside IBM--I forget who,
but to my knowledge, know action has been taken.

--Sam

Next message: Vatsal P. Sonecha: "Re: xnews and XDM"
Previous message: dan: "Possible Ultrix issue"
Next in thread: Vatsal P. Sonecha: "Re: xnews and XDM"