|
Bugtraq
mailing list archives
Re: Undisclosed Sudo Vulnerability ?
From: "Kurt Seifried" <bt () seifried org>
Date: Sat, 30 Jul 2005 16:35:05 -0600
Nice social engineering; this removes all files and filder in the current
directory:
[test () devel ~]$ gcc -pipe -o sudoh foo.c
foo.c: In function âth30_iz_own3dâ:
foo.c:67: warning: pointer targets in passing argument 1 of âfillâ differ in
signedness
foo.c:68: warning: pointer targets in passing argument 1 of âfillâ differ in
signedness
{standard input}: Assembler messages:
{standard input}:3: Warning: ignoring changed section attributes for .text
[test () devel ~]$ ls -la
total 76
drwxr-xr-x 3 test test 4096 Jul 30 16:29 .
drwxr-xr-x 5 root root 4096 Jul 30 16:26 ..
-rw-r--r-- 1 test test 24 Jul 30 16:26 .bash_logout
-rw-r--r-- 1 test test 191 Jul 30 16:26 .bash_profile
-rw-r--r-- 1 test test 124 Jul 30 16:26 .bashrc
-rw-r--r-- 1 test test 438 Jul 30 16:26 .emacs
drwxrwxr-x 3 test test 4096 Jul 30 16:26 .emacs.d
-rw-rw-r-- 1 test test 2540 Jul 30 16:26 foo.c
-rwxrwxr-x 1 test test 5817 Jul 30 16:29 sudoh
[test () devel ~]$ ./sudoh
[test () devel ~]$ ls -la
total 16
drwxr-xr-x 2 test test 4096 Jul 30 16:29 .
drwxr-xr-x 5 root root 4096 Jul 30 16:26 ..
[test () devel ~]$
-Kurt
 By Date 
By Thread
Current thread:
| 
Intro
