From: christer.oberg@gmx.net
Date: Sun Sep 23 2001 - 04:50:45 CDT

There are some format string vulnerabilities in the latest hylafax package.
Try faxrm -h %x 1 or faxalter -h %x -D 1 for "proof of concept".
Both faxrm and faxalter are installed setuid uucp on FreeBSD (installed from
the ports collection). uid uucp is not that exciting but with some luck you'll
find uucp-owned binaries running from cron with uid 0.
-- Sent through GMX FreeMail - http://www.gmx.net
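
The bug class reported above, as an added example that is not part of the original post and is not HylaFAX source code: caller-supplied text (such as the -h value) reaching a printf-style helper as the format string, beside the corrected call. The names emit, report_unsafe, report_safe and count_directives are hypothetical, and the "%x" input is a constructed sample.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style reporter, standing in for a client's error helper. */
int emit(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int r = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return r;
}

/* Flawed pattern: the host value ends up inside the format string itself,
 * so a "%x" in it is processed as a conversion with no matching argument. */
int report_unsafe(char *out, size_t n, const char *host)
{
    char msg[256];
    snprintf(msg, sizeof msg, "cannot reach host %s", host);
    return emit(out, n, msg);
}

/* Corrected pattern: constant format, caller data passed only as an argument. */
int report_safe(char *out, size_t n, const char *host)
{
    return emit(out, n, "cannot reach host %s", host);
}

/* Audit helper: count conversion directives in untrusted text ("%%" is literal). */
int count_directives(const char *s)
{
    int hits = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        hits++;
    }
    return hits;
}

int main(void)
{
    char buf[256];
    const char *host = "%x";              /* constructed sample input */
    report_safe(buf, sizeof buf, host);
    printf("%s (directives in input: %d)\n", buf, count_directives(host));
    return 0;
}
```

With ordinary input both functions produce the same output, which is why the flaw goes unnoticed until a value containing a conversion directive arrives. Declaring such helpers with the GCC/Clang `format(printf, ...)` attribute lets `-Wformat-security` flag the non-literal call at build time.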