Full Disclosure mailing list archives

Re: Back To The Future: Unix Wildcards Gone Wild

From: gremlin () gremlin ru
Date: Thu, 26 Jun 2014 13:40:58 +0400

On 26-Jun-2014 10:40:21 +0200, defensecode wrote:

We wanted to inform all major *nix distributions via our
responsible disclosure policy about this problem before posting
it, because it is highly likely that this problem could lead to
local root access on many distributions.
http://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt


Captain Obvious died in agony, and his final words were:
- Never forget of the "--" parameter...

:-)

-- 
Alexey V. Vissarionov aka Gremlin from Kremlin <gremlin ПРИ gremlin ТЧК ru>
GPG: 8832FE9FA791F7968AC96E4E909DAC45EF3B1FA8 @ hkp://keys.gnupg.net

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Current thread:

Back To The Future: Unix Wildcards Gone Wild defensecode (Jun 26)
- Re: Back To The Future: Unix Wildcards Gone Wild Michal Zalewski (Jun 26)
- Re: Back To The Future: Unix Wildcards Gone Wild Julius Kivimäki (Jun 27)
  - Re: Back To The Future: Unix Wildcards Gone Wild fulldisclosure (Jun 28)
    - Re: Back To The Future: Unix Wildcards Gone Wild Daniel Miller (Jun 28)
    - Re: Back To The Future: Unix Wildcards Gone Wild Nico Le Moin (Jun 29)
- Re: Back To The Future: Unix Wildcards Gone Wild gremlin (Jun 27)
- Re: Back To The Future: Unix Wildcards Gone Wild Nick Lindridge (Jun 27)
  - Re: Back To The Future: Unix Wildcards Gone Wild steel-wing (Jun 28)
    - Re: Back To The Future: Unix Wildcards Gone Wild Cley Faye (Jun 28)
    - Re: Back To The Future: Unix Wildcards Gone Wild * (Jun 28)
- Re: Back To The Future: Unix Wildcards Gone Wild Ivan Delalande (Jun 27)
  - Re: Back To The Future: Unix Wildcards Gone Wild Michal Zalewski (Jun 27)
  - Re: Back To The Future: Unix Wildcards Gone Wild Peter Stamfest (Jun 29)