Re: /bin/login overflow in SunOS 4.x?

From: David Foster (foster@dim.ucsd.edu)
Date: 12/18/01


Date: Tue, 18 Dec 2001 10:58:54 -0800 (PST)
From: David Foster <foster@dim.ucsd.edu>
To: bparent@calvin.ucsd.edu


>
> Does anyone know whether SunOS 4.x is vulnerable to the /bin/login
> buffer overflow problem? CERT's CA-2001-34 lists "Solaris 8 and earlier"
> as vulnerable. It's not clear to me whether this includes SunOS 4.x,
> (which at some point was part of Solaris 1.x).

Good question, though I wouldn't think so since this is supposed
to be a vulnerability in System V-derived /bin/login only.

Someone please correct me if I am wrong.

Dave Foster

   << All opinions expressed are mine, not the University's >>

  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
   David Foster National Center for Microscopy and Imaging Research
    Programmer/Analyst University of California, San Diego
    dfoster@ucsd.edu Department of Neuroscience, Mail 0608
    (858) 534-7968 http://ncmir.ucsd.edu/
  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

   "The reasonable man adapts himself to the world; the unreasonable one
   persists in trying to adapt the world to himself. Therefore, all progress
   depends on the unreasonable." -- George Bernard Shaw



Relevant Pages