|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Atro Tossavainen (atossava
CC.HELSINKI.FI)Date: Fri Apr 27 2001 - 04:44:37 CDT
> this bug takes advantage of the -n option witch
> has a bug that allows for arbitrary commands to be
> executed.
>
> exploit source code:
> http://realhalo.org/xnetprint.c
In the form you give it, it doesn't work against IRIX 6.5.10, it
complains about the symbol ListAllPrinters being missing.
Adding the symbol results in gaining root, but it does require lp first.
Of course, since many SGI systems come with the lp account enabled
without a password, that would often be a trivial prerequisite.
-- Atro Tossavainen (Mr.) / The Institute of Biotechnology at Systems Analyst, Techno-Amish & / the University of Helsinki, Finland, +358-9-19158939 UNIX Dinosaur / employs me, but my opinions are my own. < URL : http : / / www . iki . fi / atro . tossavainen / >
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]