Vulnerability Development mailing list archives

Re: more locale problems?

From: Ryan Sweat <h3xm3 () SWBELL NET>
Date: Wed, 22 Nov 2000 23:03:53 -0600

I know this is an old bug, but it's an exploit that I havent seen.

Red Hat Linux release 6.2 (Zoot) is vuln.

Ryan

----- Original Message -----
From: "Erik Tayler" <erik () DIGITALOFFENSE NET>
To: <VULN-DEV () SECURITYFOCUS COM>
Sent: Tuesday, November 21, 2000 10:17 PM
Subject: Re: more locale problems?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

While on the topic of variables, attached is an exploit
pertaining a different environment variable.

I know it isn't related to the original
posting, but I thought it would be
appropriate to let people have a look at this.
(If they haven't already seen it).
I'm not sure if it was previously released.
(I know the vulnerability itself is old).

I haven't thoroughly tested it, however
it should work on:
     SuSE 6.0 - ?
     SuSE 6.4
     SuSE 7.0
     Red Hat 6.2
       other versions?
     Debian 2.2
       other versions?

It's just another cruddy exploit, nothing
special. It wasn't written by me.

Erik Tayler
http://www.digitaloffense.net

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBOhtIyU0pQlPl0B0AEQKFZwCg6lCKvxwciq2Ko25yAJf1U/t7s+MAnR1w
f4f/X2ylKZ/xaQa6V2BujsWC
=hQ7B
-----END PGP SIGNATURE-----

Current thread:

more locale problems? Andrew Griffiths (Nov 22)
- Re: more locale problems? Erik Tayler (Nov 23)
  - Re: more locale problems? Ryan Sweat (Nov 23)
- Re: more locale problems? Damian Menscher (Nov 23)
  - Re: more locale problems? dgerow (Nov 25)
  - Re: more locale problems? Andrew Griffiths (Nov 25)
    - Re: more locale problems? Olaf Kirch (Nov 27)