|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: xnews and XDM
Vatsal P. Sonecha (sonecha
eecs.umich.edu)Wed, 20 Jul 1994 22:28:14 -0400 (EDT)
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Aleph One: "/etc/subnetconfig"
- Previous message: Sam Hartman: "xnews and XDM"
- In reply to: Sam Hartman: "xnews and XDM"
- Next in thread: Sam Hartman: "xnews and XDM"
> > > AIX has a similar hole. The DPS server can be entered by > /usr/lpp/DPS/bin/dpsexec. Since X runs as root, you can then open and > write to any root owned file. > > I haven't bothered to write an exploit script, but I did try > running /etc/security/passwd, and I got a root: UndefinedCommand > error. > > Someone opened a bug against this inside IBM--I forget who, > but to my knowledge, know action has been taken. > > --Sam > What version of AIX would this be? And, I would be very appreciative to find out where I can get an exploit script. Thanks, Vatsal. | __o Vatsal P. Sonecha | Advanced Integrated Solutions, Inc. | | _ \<,_ Monal V. Sonecha | 3745 Greenbrier Blvd, Unit# 227-C | | (_)/ (_) Ph: 313.994.5748 | Ann Arbor, MI 48105-2682 | |~~~~~~~~~~ FAX: 313.994.5758 | United States of America |
- Next message: Aleph One: "/etc/subnetconfig"
- Previous message: Sam Hartman: "xnews and XDM"
- In reply to: Sam Hartman: "xnews and XDM"
- Next in thread: Sam Hartman: "xnews and XDM"