On Wed, Sep 20, 2006 at 03:53:06PM -0400, Tim wrote:
Well, the whole idea that having to use a non-root account to unpack
some files has always been ridiculous to me. Sure, given the way tar
behaves, it is insane not to, but for a software distribution tool,
making this a requirement is
4.2.1 and newer.
Enjoy,
-jon
#!/usr/bin/perl
#
# Cisco/Protego CS-MARS 4.2.1 remote command execution, system compromise
# via insecure JBoss installation.
#
# Fully functional POC code by Jon Hart [EMAIL PROTECTED]
#
# Addressed in CSCse47646
#
# CS-MARS is an event correlation product
On Thu, Jul 13, 2006 at 09:57:05PM -0700, Kyle Lutze wrote:
It seems that this relies on /etc/cron.d being there? Or is it specific
to a crond? I use fcron, which doesn't use /etc/cron.d, and I have been
unable to get the exploit to successfully work. 2.6.14 kernel
sh: /tmp/sh: No such file or
On Thu, Jul 13, 2006 at 01:23:10AM +0300, Ariel Biener wrote:
On Wednesday 12 July 2006 03:15, Roman Medina-Heigl Hernandez wrote:
Ignore my previous post, it does create a setuid bash version in /tmp/sh, the
reason it doesn't work is due to SELinux contexts.
This is an important note, IMO.