Posted on 08/11/2003 2:33:46 PM PDT by STFrancis
Local exploit only, and only on x86 versions, not Sparc versions.
OpenBSD http://www.insecure.org/sploits/OpenBSD.lprm.overflow.html
Interesting exploit, but also local only.
I will list here the conditions that must be met for the exploit to work:
You have a remote printer configured in /etc/printcap.
The length of the attacker's username plus the length of the "rp" capability for the remote printer is >= 7.
The hostname of the remote printer (i.e. the "rm" capability) resolves, and neither the canonical name returned for the host nor any of its aliases match the local hostname.
And all of this on a version which was, at the time of the exploit being found, two versions old.
Trusted Solaris - from Sun's own website! http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/199
Not a Trusted Solaris bug. Can affect Trusted Solaris if you install Java, which is not installed by default.
No software is perfect, but none of the exploits you listed would make it possible for a " average-skilled computer consultants trained in simple yet effective hacks" to crack a machine running OpenBSD or Trusted Solaris remotely, that is, across a network connection. That is what you claimed, after all, but have failed to provide evidence of.
It's good that you won't be coming back to troll anymore. Begone and good riddance, Microsoft apologist.
Security Update 2003-08-14 is now available APPLE-SA-2003-08-14 realpath.
It addresses CAN-2003-0466, a potential vulnerability in the fb_realpath() function, used by the FTPServer and Libc projects, which could allow a local or remote user to gain unauthorized root privileges to a system.
Now then, when you do a search, for CAN-2003-0466 on CERT.org, Apple DID NOT RESPOND to this on July 31, 2003. Other manufacturers CAME OUT WITH FIXES 10 days ago. Apple still buried their head in the sand.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.