Re: potential root exploit with help from sam (HP-UX 10.x)

Tim.Matthews@NESTLEGB.NESTLE.COM
Thu, 15 May 1997 18:09:00 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Mike Neuman: "Day5notifier (IRIX 6.2 vulnerability)"
Previous message: Aaron Spangler: "Re: NT4.0 SP3 Still vulnerable"
Maybe in reply to: David Hyams: "potential root exploit with help from sam (HP-UX 10.x)"

Ok. Link to /etc/nologin.

Tim
----------
From: David Hyams
To: BUGTRAQ@NETSPACE.ORG
Subject: Re: potential root exploit with help from sam (HP-UX 10.x)
Date: 15 May 1997 07:51

Trevor Schroeder wrote:
>
> You've certainly got a case for a very potent DoS. Link to any file you
want:
> /bin/sh, /etc/passwd, /bin/login, etc. and *poof* there it goes.
>

Not quite, sam only appends to the file, it doesn't truncate it.
I tried making a link to /etc/passwd and all I got was a couple of
hundred
lines of junk appended to the existing /etc/passwd file.

David Hyams

Next message: Mike Neuman: "Day5notifier (IRIX 6.2 vulnerability)"
Previous message: Aaron Spangler: "Re: NT4.0 SP3 Still vulnerable"
Maybe in reply to: David Hyams: "potential root exploit with help from sam (HP-UX 10.x)"