Local Root Vulnerability in passwd(1) on Solaris 8, 9
so-1997-and-1994 writes "There is a new vulnerability in the passwd command on solaris 8 and 9. Looks like a local user privilege escalation is possible. Patch your systems. This not the first nor the last time something like this has shown up."
Sun acknowledges, with thanks, Tim Wort (Tim.Wort@InklingResearch.com) for contacting
us regarding this issue.
I'm glad Sun thanked him by publishing his email address on a page now linked directly from the front of Slashdot.
It's ok, I already patched it for you ;)
Some news for nerds that actually matters... :)
can we please think about these little jabs before tossing them around?
"Won't somebody please think of the pedants?!"
'This is but further proof of the superiority of Microsoft Windows. Microsoft Windows has never had a problem with its passwd commands or files. I personally recommend Microsoft Windows for serious enterprise computing precisely for this reason.'
- J Allchin
This is left as an excercise to the reader.
When I first ran into this post, an ad of Sun appeared at the top of Slashdot's page which mentioned:
"SUN MICROSYSTEMS TECHNOLOGY HELPS TAKE YOU PLACES YOU'VE NEVER BEEN BEFORE."
Places I've never been before... Rootland?
I wasn't sure whether to believe you at first, so I looked it up and it turns out you weren't kidding! This is just too fucking funny.
Typical RMS.
Sarcasm wasted on clueless reader. Film at eleven.
Game... blouses.
You're worried you may have a script kitty?