<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Bugtraq: Buggy /usr/bin shell scripts

Buggy /usr/bin shell scripts

From: <obi_at_VIC20.DZP.SE>
Date: Sat, 6 Dec 1997 13:31:01 +0100

This is old news, but it seem to be around still.

Solaris 2.5.1 and 2.6:

$ ln -s /usr/bin/true /tmp/e
$ PATH=/tmp IFS=x /usr/bin/false
$ echo $?
0

This combined with the habit of giving non-login accounts /bin/false
as a shell feels dangerous.

Credits to Wilhelm Mueller for bringing it up in gnu.bash.bug in the
sense of a security related bug.
Received on Dec 06 1997

This message: [ Message body ]
Next message: Kenobi: "Communicator 4.04 little bug"
Previous message: Aleph One: "CERT Advisory CA-97.26 - statd"
Maybe in reply to: Kevin K. Sochacki: "HPUX rexecd bug on trusted system"
Next in thread: Casper Dik: "Re: Buggy /usr/bin shell scripts"
Reply: Casper Dik: "Re: Buggy /usr/bin shell scripts"
Reply: Geoffrey King: "Microsoft, CNET, BUGTRAQ and the 'land' attack"
Reply: Duncan Simpson: "cgiwrap-3.5 (and 3.6beta1,"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]