Actually that was an error in our advisory.
The correct (yet correct us if we are wrong again ;-]) information is:
Solaris 7 and Solaris 8 x86 Xsun is suid
Solaris 7 and Solaris 8 Sparc Xsun is sgid
Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris/ - Network Traffic Analyzer
"Walk on."
|-----Original Message-----
|From: Bugtraq List [mailto:[EMAIL PROTECTED]]On Behalf Of Leif
|Sawyer
|Sent: Wednesday, April 11, 2001 9:48 AM
|To: [EMAIL PROTECTED]
|Subject: Re: Solaris Xsun buffer overflow vulnerability
|
|Don't have a Solaris 7 box to check. Not sure why your Solaris 8 has
|a SUID Xsun install, either.
|
|Leif
