Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2001/08/28 12:0 a.m.23 views

patchadd.pl

Here is an exploit to an old bug for patchadd in Solaris. It exploits a symlink vulnerability to clobber files with output from patchadd. This was written and tested on Solaris 2.8 Sparc with the current patch cluster applied. -- Larry http://vapid.dhs.org:8080 !/usr/local/bin/perl Exploit for...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/12/19 12:0 a.m.23 views

Solaris patchadd(1) (3) symlink vulnerabilty

Greetings Bugtraq, I was playing around with patchadd and the bug was found when I issued a "truss -f -o patch.log patchadd patch" where patch was a tarball and then patchadd omitted an error because of it being a tarball, so then when I went through the debug output, i found out that there was a...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2000/12/19 12:0 a.m.25 views

Дырка в patchadd под Solaris

Уязвимость символьных линков + некорректные разрешения на временные файлы...

0.7AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2000/12/18 12:0 a.m.11 views

Solaris 2.5.12.67.08 - patchadd Race Condition

Solaris 2.5.12.67.08 - patchadd Race Condition source: https://www.securityfocus.com/bid/2127/info patchadd is the patch management tool included with the Solaris Operating Environment, distributed by Sun Microsystems. A problem exists which could allow a user to corrupt or append system files. T...

7.4AI score
Exploits0
Rows per page
Query Builder