AOH :: SunOS/Solaris :: COMSAT.HTM

AOH :: SunOS/Solaris :: COMSAT.HTM
Solaris 8 in.comsat overflow

Vulnerability

    in.comsat

Affected

    Solaris 8

Description

    Robert Weber found  following.  In  solaris 8, sun  eliminated the
    wtmp/utmp with  the improved  wtmpx/utmpx.   In the  update of all
    programs  that  read  these  someone  missed a "char tty[20]" that
    stores a utmpx-->ut_line[32].   When pty's start  getting high  in
    number comsat dumps core.

    Well we are not good enough to somehow put a bad pty in the  utmpx
    and somehow use  the extra 12  chars for an  exploit but we  think
    it's shotty work.

Solution

    You can use xbiff or a better mail program, It is the 21st century
    and all that.

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better). Site design & layout copyright © 1986-2010 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.