[4476] in bugtraq
Re: potential root exploit with help from sam (HP-UX 10.x)
daemon@ATHENA.MIT.EDU (David Hyams)
Thu May 15 09:25:39 1997
Date: Thu, 15 May 1997 08:51:21 +0200
Reply-To: David Hyams <nhyamd@ASCOM.CH>
From: David Hyams <nhyamd@ASCOM.CH>
To: BUGTRAQ@NETSPACE.ORG
Trevor Schroeder wrote:
>
> You've certainly got a case for a very potent DoS. Link to any file you want:
> /bin/sh, /etc/passwd, /bin/login, etc. and *poof* there it goes.
>
Not quite, sam only appends to the file, it doesn't truncate it.
I tried making a link to /etc/passwd and all I got was a couple of hundred
lines of junk appended to the existing /etc/passwd file.
David Hyams
