Full Disclosure mailing list archives
Re: Smashing "XBoard 4.2.7(All versions)" For Fun & Profit.*Unpublish ed Local Stack Overflow Vulnerablity!
From: Valdis.Kletnieks () vt edu
Date: Tue, 02 Mar 2004 15:47:05 -0500
On Tue, 02 Mar 2004 12:01:08 +0300, d4rk <d4rk () securitylab ru> said:
/* or if root is your friend, u can ask him to do it. */
Never underestimate the power of social engineering. I've seen systems r00ted by getting the admin to 'cd' over to a directory to examine a 'failing' program. Files like .exrc, .dbxrc/.dbxinit, and .gdbinit can all be used for mischief with an unsuspecting sysadmin.... "Yep... got an a.out here, got a core here.. 'gdb' and type 'where'. Hmm.. see right there? You got a SEGV because you had a null pointer.." (Yes, and you, mr admin, just got someting more fun than a SEGV when that .gdbinit file in the current directory did something.. ;)
Attachment:
_bin
Description:
Current thread:
- Smashing "XBoard 4.2.7(All versions)" For Fun & Profit.*Unpublish ed Local Stack Overflow Vulnerablity! narko tix (Mar 01)
- Re: Smashing "XBoard 4.2.7(All versions)" For Fun & Profit.*Unpublish ed Local Stack Overflow Vulnerablity! d4rk (Mar 02)
- Re: Smashing "XBoard 4.2.7(All versions)" For Fun & Profit.*Unpublish ed Local Stack Overflow Vulnerablity! Valdis . Kletnieks (Mar 02)
- Re: Smashing "XBoard 4.2.7(All versions)" For Fun & Profit.*Unpublish ed Local Stack Overflow Vulnerablity! d4rk (Mar 02)