Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Exploit for Mandrake 6.1 (PAM/userhelper bug)
From: jgault () WINGNET NET (Jeremy Gault)
Date: Tue, 21 Mar 2000 14:47:17 -0500

        I tried this on a couple of my Mandrake 6.1 machines and it did
work.  Tried it on a Mandrake 7.0 box and it didn't work.  I went to
the Mandrake FTP site and downloaded a RPM of 7.0's PAM,
installed it, and everything seems happy now.

 * Mandrake Linux 6.1 has the same problem as Red Hat Linux 6.x but its
 * exploit (pamslam.sh) doesn't work on it (at least on my machine). So,
 * I created this C program based on it which exploits PAM/userhelper
 * and gives you UID 0.
 * Red Hat Linux 6.0, Red Hat Linux 6.1, Mandrake Linux 6.1.

Jeremy Gault
Systems Administrator - WingNET Internet Services

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]