Bugtraq mailing list archives
Re: potential root exploit with help from sam (HP-UX 10.x)
From: tschroed () CHEETAH WSC EDU (Trevor Schroeder)
Date: Wed, 14 May 1997 10:43:35 -0500
On Wed, 14 May 1997, David Hyams wrote:
So, if I make a symbolic link from /var/tmp/outdata to /.rhosts (say), and wait for the sys-admin to run sam to configure networking, I can get a /.rhosts file. Admittedly this isn't too interesting as the file doesn't have the famous "+ +" in it. However, if your sysadmin happens to have umask set to 0 then you've now got a
You've certainly got a case for a very potent DoS. Link to any file you want: /bin/sh, /etc/passwd, /bin/login, etc. and *poof* there it goes. ____________________________________________________________ "One unerring mark of the love of truth is not entertaining any propositions with greater assurance than the proofs it is built upon will warrant" -- John Locke, 1690 Trevor Schroeder tschroed () cheetah wsc edu ------------------------------------------------------------
Current thread:
- more DoS fun, (continued)
- more DoS fun Ghent (May 11)
- Re: Linux UID/GID 'Feature' Andrew G. Morgan (May 11)
- sendmail 8.8.6 Beta release available Jason R Mastaler (May 11)
- New Win95 OOB fix allows Netbios to be used Aaron Weintraub (May 12)
- UPDATE TO OOB FIX Aaron Weintraub (May 12)
- Re: New Win95 OOB fix allows Netbios to be used Ian MacPhedran (May 13)
- UPDATE TO OOB FIX Wojciech Swieboda (May 13)
- Re: ELM overflow security () home bti pl (May 14)
- Re: ELM overflow Michel GAUDET (May 16)
- potential root exploit with help from sam (HP-UX 10.x) David Hyams (May 14)
- Re: potential root exploit with help from sam (HP-UX 10.x) Trevor Schroeder (May 14)
- Sun Security Bulletin #00140 Sun Security Coordination Team (May 14)
- Non-executable stack -- final Linux kernel patch Solar Designer (May 14)
- NT4.0 SP3 Still vulnerable Aaron Spangler (May 15)
- MicroSolved finds hole in Ascom Timeplex Router Security Brent Huston (May 15)