I know this is a little off topic... but...
We've just had one of our "student access" Ultrix 4.4 servers shutdown
unceremoniously right under our noses, the only suspicious thing we can
find is a bunch of "dxterm" processes being run just before the machine
was "rebooted" (the server is headless and the xterms were displaying on
some PC's running NT4.0 with eXcursion). I remember a few years back there
was a vulnerability with setuid xterm's under Ultrix... does this problem
still exist under Ultrix 4.4 and Digital Unix 4.0. There's been some
messages recently on bugtraq about problems with X11R6 (and earlier)
clients not handling buffer overruns very well.
Or should I just remove the setuid bit on xterms as a matter of course!
_____________________________________________________________________________
Andrew "Alf" Leahy, phone: 047 360385
Unix Administrator, mailto:alf_at_nepean.uws.edu.au
Systems & Ops, TASS, CCD, UWS Nepean
http://www.st.nepean.uws.edu.au/~alf/
Received on Fri Mar 14 1997 - 01:25:02 NZDT