Bugtraq mailing list archives

Re: IFS hole?

From: jsz () ramon bgu ac il (Yonathan)
Date: Wed, 15 Dec 93 17:41:51 IST


abeckett () fmlrnd co uk has said


However, I agree with Peter that the LD_LIBRARY_PATH could be abused,
but this is likely to be a general problem and not just one to do with
programs that exec other programs.


It's not like it *COULD* be abused. Every man and his dog can abuse it.
Give me SunOS, shared libraries & LD_* crap, I will give you root access,
or something. sekurity.

-- Jonathan

jsz () sekurity netsys com
jsz () crimelab com
jsz () mtv com

Current thread:

Re: IFS hole? Yonathan (Dec 15)
- Re: IFS hole? abeckett () fmlrnd co uk (Dec 15)
- <Possible follow-ups>
- Re: IFS hole? mark kraitchman (Dec 15)
  - Re: IFS hole? Greg Woods (Dec 15)
  - IFS hole? Karyn Pichnarczyk (Dec 15)
- Re: IFS hole? henry strickland (Dec 15)
- Re: IFS hole? Peter shipley (Dec 15)
- Re: IFS hole? Rik Harris (Dec 15)
- Re: IFS hole? Christopher Davis (Dec 17)