Re: potential root exploit with help from sam (HP-UX 10.x)
David Hyams (nhyamd@ASCOM.CH)
Thu, 15 May 1997 08:51:21 +0200
Trevor Schroeder wrote:
>
> You've certainly got a case for a very potent DoS. Link to any file you want:
> /bin/sh, /etc/passwd, /bin/login, etc. and *poof* there it goes.
>
Not quite, sam only appends to the file, it doesn't truncate it.
I tried making a link to /etc/passwd and all I got was a couple of hundred
lines of junk appended to the existing /etc/passwd file.
David Hyams