|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Rasta C. Shell (rasta
RSHELL.ORG)Date: Tue Feb 20 2001 - 08:53:40 CST
I don't know if this will be any interesting since i don't think
it can gives you man uid/gid, but while looking at the man source code to
see whats seg-faulting the -K <longbuff> (didn't find anything, maybe
it's the grep that faults?) I notice that the -K <input> line is not
being validated before calling system, so a: man -K "';`/usr/bin/id`"
will run /usr/bin/id by man for you. luckily there's a setuid/gid call before
system.
-- http://www.rshell.org Join #shellcode on EFnet. rasta
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]