Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Smashing "XBoard 4.2.7(All versions)" For Fun & Profit.*Unpublish ed Local Stack Overflow Vulnerablity!
From: Valdis.Kletnieks () vt edu
Date: Tue, 02 Mar 2004 15:47:05 -0500

On Tue, 02 Mar 2004 12:01:08 +0300, d4rk <d4rk () securitylab ru>  said:

/* or if root is your friend, u can ask him to do it. */

Never underestimate the power of social engineering.  I've seen systems
r00ted by getting the admin to 'cd' over to a directory to examine a 'failing'
program.  Files like .exrc, .dbxrc/.dbxinit, and .gdbinit can all be used for mischief
with an unsuspecting sysadmin....

"Yep... got an a.out here, got a core here.. 'gdb' and type 'where'. Hmm..
see right there? You got a SEGV because you had a null pointer.." (Yes, and
you, mr admin, just got someting more fun than a SEGV when that .gdbinit file
in the current directory did something.. ;)

Attachment: _bin
Description:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]