Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: GZEXE - the big problem
From: deraadt () CVS OPENBSD ORG (Theo de Raadt)
Date: Sat, 31 Jan 1998 11:07:01 -0700


GZEXE, part of gzip package, is a small utility which allows
'transparent' compressio any kind of executables (just like pklite
under ms-dos). Unfortunatelly, it may be extremally dangerous. Here's
the shell script used to decompression:

if /usr/bin/tail +$skip $0 | "/usr/bin"/gzip -cd > /tmp/gztmp$$; then...
[...]                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
/tmp/gztmp$$ ${1+"$@"}; res=3D$?
^^^^^^^^^^^^


This /tmp race was fixed in the OpenBSD back in August... looks like
OpenBSD 2.2 is not vulnerable.

  By Date           By Thread  

Current thread:
  • Re: GZEXE - the big problem Theo de Raadt (Jan 31)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]