[20461] in bugtraq
IRIX /usr/lib/print/netprint local root symbols exploit.
daemon@ATHENA.MIT.EDU (v9@REALHALO.ORG)
Thu Apr 26 12:48:10 2001
Message-ID: <20010426055110.18258.qmail@securityfocus.com>
Date: Thu, 26 Apr 2001 05:51:10 -0000
Reply-To: v9@REALHALO.ORG
From: v9@REALHALO.ORG
To: BUGTRAQ@SECURITYFOCUS.COM
i haven't audited anything in some time. well, i
just noticed this because i am doing a project
with a name similar to "netprint" and i was
wondering if it was at all related to what i was
doing. it wasn't. but, i noticed it was setuid
root and had a little bug.
this bug takes advantage of the -n option witch
has a bug that allows for arbitrary commands to be
executed.
exploit source code:
http://realhalo.org/xnetprint.c
Vade79 -> v9@realhalo.org -> realhalo.org.
