Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

load.root (loadmodule hole)
From: mouse () Collatz McRCIM McGill EDU (der Mouse)
Date: Fri, 15 Sep 1995 06:54:45 -0400

For anyone wondering what the loadmodule hole is, but not wanting to
grab the 8lgm exploit and try to grok it, the real secret is very
simple - and I can't understand why 8lgm didn't explain this in their
posting, rather than only in a comment in the exploit script.

The comment in question is:


# loadmodule has previously been fixed to clear IFS, apparently by
# putenv("IFS= ").  However, we can still exploit system() by
# having IFS defined twice in our environment.


                                        der Mouse

                            mouse () collatz mcrcim mcgill edu

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]