Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: RE: hpux warez

RE: hpux warez

From: Stefaan A Eeckels <Stefaan.Eeckels_at_ecc.lu>
Date: Tue, 04 Sep 2001 17:25:21 +0200 (MEST)

On 03-Sep-2001 auto300526_at_hushmail.com wrote:
>
> fully disclose this.

> I will leave you with this HPUX 11 local root exploit code. /usr/sbin/sw*
> are all setuid root by default and all contain buffer overflows. I didn't
> bother notifying HP about this at all. I just don't give a fuck.

I would if it worked. It doesn't.

$ ./swexploit
...lots of gunk...
,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~
,€~,€~,€~,€~,€~,€~,€~,€~,€[" was found to be greater than 1024 bytes in length. This
         program ERROR: Command line parsing failed.
$ uname -a
HP-UX happy B.11.00 A 9000/780 2016244097 two-user license
$

Stefaan 

-- 
Please visit our Webster http://xxxxxxxx.xxxx.xxx, write or e-mail to X&x
promptly,if you are interested.And X&x shall be pleased to render you any
further services.                                      -- Spam from China
Received on Sep 04 2001
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos