Date: Wed, 7 Apr 1999 22:11:03 -0700
From: Russell Van Tassell <russell@CSCORP.COM>
To: BUGTRAQ@netspace.org
Subject: Solaris7 and ff.core

Forgive me as I just started playing with Solaris 7 and don't recall
seeing this yet posted to Bugtraq.

It would appear as though an old bug with the OpenWeirdos File Mangler
has crept up again in Solaris 7 (I believe patch 106222-01 was supposed
to fix it back in Solaris 2.6 (and 106224-01 in Solaris 2.5.1)).  Very
basically, using ff.core it is possible for a normal user to overwrite
arbitrary files on the system (that would include things like /etc/shadow)
and do serious damage to the system (I will leave that exercise to the
reader).

Admins should remove the setuid and setgid bits from ff.core.

Regards,
Russell


--
Russell M. Van Tassell
russell@cscorp.com

-------------------------------------------------------------------------

Date: Thu, 8 Apr 1999 11:05:48 -0700
From: Stefan Molnar <stefan@csudsu.com>
To: BUGTRAQ@netspace.org
Subject: Re: Solaris7 and ff.core

That bug has never been truly fixed.  It should be fixed by Solaris
7 5/99 (hw2).  Just taking changeing the permissions on /vol will
also fix the problem.  chmod a-w /vol/*

Stefan