Steve Kotsopoulos wrote:
>: There is no way to know if someone has exploited the bug. It's such
>: a quiet little hole that it doesn't leave a mark anywhere. You don't
>: even have to logon to exploit it. That's how bad it is.
Wait a minute, they said the bug could be exploited without logging in?
The original notice said:
]A potential vulnerability has been discovered in the IRIX 5.2 operating
]system which would enable an unprivileged user to become an active
]root user. ~~~~
So which is it?
Also, here's one I tried to send out while bugtraq was on hiatus.
/usr/sbin/colorview is setuid root and can be used to read any file on
the system (e.g., /etc/shadow) with the "-text" option. Affects IRIX
5.2 at least.