tooltalk/dtaction security vulnerability

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Lamont Granquist <lamontg_at_raven.genome.washington.edu>
Date: Tue, 14 Sep 1999 14:01:01 -0700

These vulnerabilities are easy to exploit on digital unix. Exploit
information should be considered public. If I get some time I may post
exploits to BUGTRAQ in a day or two if nobody beats me to it.

Either patch your machines or 'chmod u-s /usr/dt/bin/*'

= I received a CERT advisory this morning detailing problems with
= tooltalk and dtaction (see attachment).
= Patches are available from Compaq - it seems to affect v4.0d thru v5.0.

-- 
Lamont Granquist                       lamontg_at_genome.washington.edu
Dept. of Molecular Biotechnology       (206)616-5735  fax: (206)685-7344
Box 352145 / University of Washington / Seattle, WA 98195
PGP pubkey: finger lamontg_at_raven.genome.washington.edu | pgp -fka

Received on Tue Sep 14 1999 - 21:04:23 NZST

This archive was generated by hypermail 2.4.0 : Wed Nov 08 2023 - 11:53:39 NZDT