Network Security: Detailed info on Re: [Full-Disclosure] /bin/rm file access vulnerability

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

[Top] [All Lists]

Re: [Full-Disclosure] /bin/rm file access vulnerability

from [bkfsec] Network Security

[Permanent Link]

Subject:	Re: [Full-Disclosure] /bin/rm file access vulnerability
Date:	Fri, 31 Dec 2004 10:28:17 -0500

J.A. Terranson wrote:

When you feed trolls, they grow :-)

Hey - I'm preplanning for Thanksgiving!

Seriously, we seem to be getting more crap like this. Are people just bored?


I'm bored :-)


    mx1# touch killme
        mx1# chmod 0 killme
        mx1# ls -al killme
        ----------  1 root  wheel  0 Dec 30 20:39 killme
        mx1# rm killme
        mx1# ls -al killme
        ls: killme: No such file or directory
        mx1#

At least here s/he/it could have tried to wrap the old "should anyone be
allowed to do this" trap around someone's ankles.  But the one below is
just beyond lame - it's a troll with a neon sign attached flashing "FEED
ME!"

Agreed - or, at least, wrapped some humor in there other than a simple perl script. Heh.

Something like a headline "UnCHEckED DefaceMENT in UID0 in *ALL* UnIx KernELS!" would have sufficed.

               -Barry


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-Disclosure] /bin/rm file access vulnerability, Lennart Hansen Re: [Full-Disclosure] /bin/rm file access vulnerability, Eric Romang / ZATAZ Re: [Full-Disclosure] /bin/rm file access vulnerability, Michal Zalewski Re: [Full-Disclosure] /bin/rm file access vulnerability, shane milton Message not available Re: [Full-Disclosure] /bin/rm file access vulnerability, James Longstreet Message not available Message not available Message not available Re: [Full-Disclosure] /bin/rm file access vulnerability, bkfsec <= Message not available Message not available Message not available Re: [Full-Disclosure] /bin/rm file access vulnerability, Frank Knobbe

Previous by Date:	Re: [Full-Disclosure] /bin/rm file access vulnerability, James Longstreet
Next by Date:	Re: [Full-Disclosure] MySQL and the user "su", Sascha Wolf
Previous by Thread:	Re: [Full-Disclosure] /bin/rm file access vulnerability, James Longstreet
Next by Thread:	Re: [Full-Disclosure] /bin/rm file access vulnerability, Frank Knobbe
Indexes:	[Date] [Thread] [Top] [All Lists]