From proff Thu Aug 8 05:37:42 1996 Received: (proff@localhost) by suburbia.net (8.7.4/Proff-950810) id FAA21397 for best-of-security; Thu, 8 Aug 1996 05:37:42 +1000 Received: from brimstone.netspace.org ([128.148.157.143]) by suburbia.net (8.7.4/Proff-950810) with ESMTP id FAA20783 for ; Thu, 8 Aug 1996 05:17:01 +1000 Received: from netspace.org ([128.148.157.6]) by brimstone.netspace.org with ESMTP id <22582-3416>; Wed, 7 Aug 1996 15:15:48 -0500 Received: from netspace.org (netspace [128.148.157.6]) by netspace.org (8.7/8.6.12) with SMTP id PAA03732; Wed, 7 Aug 1996 15:14:00 -0400 Received: from NETSPACE.ORG by NETSPACE.ORG (LISTSERV-TCP/IP release 1.8b) with spool id 218722 for BUGTRAQ@NETSPACE.ORG; Wed, 7 Aug 1996 15:03:55 -0400 Received: from netspace.org (netspace [128.148.157.6]) by netspace.org (8.7/8.6.12) with SMTP id PAA02370 for ; Wed, 7 Aug 1996 15:03:31 -0400 Approved-By: ALEPH1@UNDERGROUND.ORG Received: from cs.uct.ac.za (cs.uct.ac.za [137.158.128.249]) by netspace.org (8.7/8.6.12) with SMTP id EAA29936 for ; Wed, 7 Aug 1996 04:26:34 -0400 Received: from ebi.cs.uct.ac.za by cs.uct.ac.za with smtp (Smail3.1.29.1 #11) id m0uo3wj-00097bC; Wed, 7 Aug 96 10:26 SAT (+0200) Received: by ebi.cs.uct.ac.za (951211.SGI.8.6.12.PATCH1042/ebi.02) id KAA01170; Wed, 7 Aug 1996 10:26:28 +0200 X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Approved-By: Grant Kaufmann Message-ID: <199608070826.KAA01170@ebi.cs.uct.ac.za> Date: Wed, 7 Aug 1996 10:26:27 +0200 Reply-To: Bugtraq List Sender: proff From: Grant Kaufmann Subject: Re: IRIX 5.3 chost To: Multiple recipients of list BUGTRAQ There seems to be some problem with following my exploit. I don't know if I'm running different patch versions or what, but interstingly enough, I tried the exploit again this morning, and chost (and most of the other programs in that directory) refused to run, giving errors along the lines of "unable to contact objectserver". I checked and there was only one copy of objectserver running. When I rebooted, 2 copies were running, and all the programs acted as normal. So, to summarise, here is my system's configuration: --- Script started on Wed Aug 7 10:03:11 1996 /usr/Cadmin/bin>ls -l chost cimport -rwsr-xr-x 1 root sys 232160 Aug 29 1995 chost -rwsr-xr-x 1 root sys 161896 Aug 29 1995 cimport /usr/Cadmin/bin>uname -a IRIX ebi 5.3 11091812 IP22 mips /usr/Cadmin/bin>chost Error is 5(Permission Denied) Error is 5(Permission Denied) /usr/Cadmin/bin>^D script done on Wed Aug 7 10:04:07 1996 --- Notice that I also get the (Permission Denied) "error", but the exploit still works fine. Try the exploit for cimport, it follows the same principle: --- /usr/Cadmin/bin/cimport New OK OK Cancel double-click any of the mounted filesystems to bring up the desktopManager --- I think this will only work if you are nfs-mounting filesystems, as I don't know if there's another way to bring up desktopManager. -- Grant -- http://www.cs.uct.ac.za/~gkaufman/pgp.html