|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Jose Nazario (jose
BIOCSERVER.BIOC.CWRU.EDU)Date: Sun Feb 04 2001 - 22:29:21 CST
On Sun, 4 Feb 2001, Martin Schulze wrote:
> Please tell me what you gain from this. man does not run setuid
> root/man but only setgid man. So all you can exploit this to is a
> shell running under your ownl user ide.
sucker admins who m4 their sendmail.mc's as root, chiefly if you trick
them into processing an untrusted and untrustworthy .mc file.
____________________________
jose nazario josecwru.edu
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]