Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: unarj dir-transversal bug (../../../..)
From: <doubles () hush com>
Date: Tue, 12 Oct 2004 00:49:53 -0700

On Mon, 11 Oct 2004 12:50:20 -0700 Chris Umphress <umphress () gmail com>
wrote:
 chris () chris:~/test$ arj a test.arj ../../../usr/local/bin/test.txt

ya have ''.'' in yar PATH! bwahahahah!

Apart from it removing one "../" from the filename I gave it, it
worked exactly as I expected.

dis is powerfull security whole! im writting a exploit for it right now
in visual cobol!

czech this out::

http://www.security.nnov.ru/search/news.asp?binid=1320
http://www.securityfocus.com/bid/5835/info/
http://www.securityfocus.com/bid/7550/info/
http://rhn.redhat.com/errata/RHSA-2002-096.html
http://www.debian.org/security/2003/dsa-344
http://www.2600.com

doubles




Concerned about your privacy? Follow this link to get
secure FREE email: http://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434

Promote security and make money with the Hushmail Affiliate Program: 
http://www.hushmail.com/about-affiliate?l=427

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]