Date: Thu, 12 Jul 2001 12:27:43 -0500 From: jamie rishaw <jamie@playboy.com> To: alexus <ml@db.nexgen.com> Cc: Przemyslaw Frasunek <venglin@freebsd.lublin.pl>, Gabriel Rocha <grocha@geeksimplex.org>, security@FreeBSD.ORG Subject: Re: FreeBSD 4.3 local root Message-ID: <20010712122743.C14782@playboy.com> In-Reply-To: <001f01c10af7$9b42f120$97625c42@alexus>; from ml@db.nexgen.com on Thu, Jul 12, 2001 at 01:25:11PM -0400 References: <20010712120706.B1020@geeksimplex.org> <079e01c10aef$21fd1460$2001a8c0@clitoris> <001f01c10af7$9b42f120$97625c42@alexus>
next in thread | previous in thread | raw e-mail | index | archive | help
su cd /tmp touch sh chmod 000 sh chflags schg sh On Thu, Jul 12, 2001 at 01:25:11PM -0400, alexus wrote: > is there any fix for that? > > ----- Original Message ----- > From: "Przemyslaw Frasunek" <venglin@freebsd.lublin.pl> > To: "Gabriel Rocha" <grocha@geeksimplex.org>; <security@FreeBSD.ORG> > Sent: Thursday, July 12, 2001 12:24 PM > Subject: Re: FreeBSD 4.3 local root > > > > > about how long does the exploit run before giving you a root shell? > > > > Immediately. Shellcode calls /tmp/sh, not /bin/sh, so copy it to /tmp. > > > > -- > > * Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE * > > * Inet: przemyslaw@frasunek.com ** PGP: D48684904685DF43EA93AFA13BE170BF * > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- jamie rishaw <jamie@playboy.com> sr. wan/unix engineer/ninja // playboy enterprises inc. opinions stated are mine, and are not necessarily those of the bunny. dance like it hurts. love like you need money. work when people are watching. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010712122743.C14782>