load.root (loadmodule hole)
der Mouse (mouse
Collatz.McRCIM.McGill.EDU)
Fri, 15 Sep 1995 06:54:45 -0400
For anyone wondering what the loadmodule hole is, but not wanting to
grab the 8lgm exploit and try to grok it, the real secret is very
simple - and I can't understand why 8lgm didn't explain this in their
posting, rather than only in a comment in the exploit script.
The comment in question is:
> # loadmodule has previously been fixed to clear IFS, apparently by
> # putenv("IFS= "). However, we can still exploit system() by
> # having IFS defined twice in our environment.
der Mouse
mouse
collatz.mcrcim.mcgill.edu
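
Added example, not part of the original post or of the 8lgm script: a sketch of why a first-match overwrite of IFS is not enough when the variable appears twice, next to a sanitizer that strips every occurrence before a privileged program calls system(). The function names and the sample environment are hypothetical, and the first-match behaviour is an assumption modelling the fix the quoted comment describes.

```c
#include <stddef.h>
#include <string.h>

/* True if entry has the form "name=...". */
static int is_var(const char *entry, const char *name)
{
    size_t len = strlen(name);
    return strncmp(entry, name, len) == 0 && entry[len] == '=';
}

/* Model of a first-match fix (assumed behaviour of the old putenv-style
 * clearing): only the first entry named `name` is overwritten. */
void env_set_first(char *envp[], const char *name, char *entry)
{
    for (; *envp; envp++)
        if (is_var(*envp, name)) { *envp = entry; return; }
}

/* Hardened: drop every entry named `name`, compacting in place.
 * Returns the number removed, so a caller can log counts above 1. */
size_t env_strip_all(char *envp[], const char *name)
{
    size_t removed = 0;
    char **out = envp;
    for (; *envp; envp++) {
        if (is_var(*envp, name)) removed++;
        else *out++ = *envp;
    }
    *out = NULL;
    return removed;
}

/* Count surviving entries named `name` whose text differs from `expect`. */
size_t env_count_unexpected(char *const envp[], const char *name,
                            const char *expect)
{
    size_t n = 0;
    for (; *envp; envp++)
        if (is_var(*envp, name) && strcmp(*envp, expect) != 0) n++;
    return n;
}

/* Constructed sample environment with IFS defined twice. */
size_t demo(int hardened)
{
    char reset[] = "IFS= ";
    char *env[] = { "PATH=/usr/bin", "IFS=x", "HOME=/", "IFS=y", NULL };
    if (hardened) env_strip_all(env, "IFS");
    else env_set_first(env, "IFS", reset);
    return env_count_unexpected(env, "IFS", "IFS= ");
}
```

With the constructed input, the first-match path leaves one caller-controlled IFS entry behind, while the strip-all path leaves none; a privileged program would then set its own known-good value or build the child environment from an allowlist.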