what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

sms.101.selection_svc

sms.101.selection_svc
Posted Mar 27, 1994

sms.101.selection_svc

SHA-256 | 5b0ddf72d72e75be051e6b0bd4925b984700888a5035bf03fe14e103bc90246b

sms.101.selection_svc

Change Mirror Download
SUN MICROSYSTEMS SECURITY BULLETIN: #00101

This information is only to be used for the purpose of alerting
customers to problems. Any other use or re-broadcast of this
information without the express written consent of Sun Microsystems
shall be prohibited.

Sun expressly disclaims all liability for any misuse of this information
by any third party.
---------------------------------------------------------------------------

These patches are available through your local Sun answer centers
worldwide. As well as through anonymous ftp to ftp.uu.net in the
~ftp/sun-dist directory.

Please refer to the BugID and PatchID when requesting patches from Sun
answer centers.

NO README information will be posted in the patch on UUNET. Please refer
the the information below for patch installation instructions.

This is releated to the selection_svc bug in Sunview reference Bugid 1039576
and patchID 100085-03
Reference:

Patch-ID# 100085-03
Synopsis:selection_svc and rpc can be used to gain access to system files
Date: 05-Sept-90

SunOS release: 4.0.3, 4.1, sun386i 4.0.1/4.0.2

Problem Description: selection_svc can be used to get /etc/passwd from a
machine you do not have login permissions to this can also be used
to view user files on that machine.


NEW bug information:
-------------------------------------------------------------------------

Sun Bug ID : 1040747
Synopsis : sv_xv_sel_svc and rpc can be used to gain access to system files
Sun Patch ID : 100184-02
Available for: Sun3, Sun4 Openwindows 2.0

Checksum of compressed tarfile 100184-02.tar.Z: 33786 35


--------------------------------------------------------------------------
README information follows:

Patch-ID# 100184-02
Keywords:bugid 1040747
Synopsis: sv_xv_sel_svc and rpc can be used to gain access to system files
Date: 14/Dec/90

SunOS release: 4.0.3 or later

Unbundled Product: Open Windows

Unbundled Release: Version 2

Topic:

BugId's fixed with this patch: 1040747

Architectures for which this patch is available: sun4 sun3

Patches which may conflict with this patch:

Obsoleted by: Open Windows Version 3

Problem Description:

sv_xv_sel_svc and rpc can be used to gain access to system files.

INSTALL:

mv $OPENWINHOME/bin/xview/sv_xv_sel_svc $OPENWINHOME/bin/xview/sv_xv_sel_svc.orig
cp `arch`/sv_xv_sel_svc $OPENWINHOME/bin/xview/sv_xv_sel_svc



Brad Powell
Sun Microsystems
Software Security Coordinator.
Login or Register to add favorites

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close