fileutils-4.x local root exploit

dagmar at speakeasy.net dagmar at speakeasy.net
Mon Sep 23 10:09:05 PDT 2002


On Mon, 23 Sep 2002, Fagood wrote:

> Fake ?
>
> ---------------------------------------------
>
> * biinls.c - fileutils-4.x local root exploit
>
> *
>
> * Tested against:
>
> * Redhat 7.0 - Redhat 7.1 - Redhat 7.2 - Redhat 7.3
>
> * gov-boi <gov-boi at hack.co.za>
>
> */
>
> $ ./hudo 0x0a $((16392-8)) $((16392-8-256-16))
>
> [+] biinls fileutils-4.x local root exploit
>
> [+] Copyright (C) 2002 gov-boi <gov-boi at hack.co.za>
>
> [+] Checking file
>
> [+] Building b0f1..
>
> [+] Building b0f2..
>
> [+] Sending Shellcode..
>
> [+] Executing ls..
>
> sh-2.05# head /etc/redhat*
>
> Red Hat Linux release 7.2 (Enigma)

Not really caring to go look up whatever silly things _Redhat_ did with
their fileutils package, I'll toss out not fake, just dim-witted.  Unless
you did something specifically to _make_ one of the binaries from the fileutils
package suid, this should be no threat.

Next time you want something like this verified, forward the _whole_
announcement so we can have a good laugh about it.

-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-security' in the subject header of the message



More information about the lfs-security mailing list