[15130] in bugtraq
Re: Mandrake 7.0: /usr/bin/cdrecord gid=80 (strike #2)
daemon@ATHENA.MIT.EDU (Dan Kaminsky)
Thu Jun 1 00:26:38 2000
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <008b01bfc9e8$e7becca0$16ab44ab@cisco.com>
Date: Mon, 29 May 2000 20:41:13 -0700
Reply-To: Dan Kaminsky <dankamin@CISCO.COM>
From: Dan Kaminsky <dankamin@CISCO.COM>
X-To: noir <noir@GSU.LINUX.ORG.TR>, BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
> U may say gid=80 (cdwriter) is useless but anyways here is the xploit
If you've got cdwriter access, and they have a SCSI hard drive, then you
should theoretically have read/write access to their raw partitions. I'm
sure I don't need to go into depth on what that should mean.
Yours Truly,
Dan Kaminsky
