Full Disclosure mailing list archives
Re: unarj dir-transversal bug (../../../..)
From: evilninja <evilninja () gmx net>
Date: Tue, 12 Oct 2004 13:53:41 +0200
Chris Umphress wrote:
>> ...somehow i don't expect programs to mess with /usr. not as a user and
>> not as root.
>
> I just picked /usr, it could have been /etc, /var or any other standard
> directory that every *nix distribution has. Regardless, if I try to make
> unarj write to a directory that I don't have the necessary permissions
> for, it asks me to pick an alternate location to extract to.

yes, but this is the point! when i happen to unarj a package with the unarj version you have as user "root", then unarj *will* have the permission to overwrite /etc or whatever. it won't kindly ask but just overwrite, or does it? (you've shown unarj in action with sudo when test.txt was non-existent).

-- 
BOFH excuse #290: The CPU has shifted, and become decentralized.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
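An added example, not part of the original message and not unarj's own code: because filesystem permissions do not stop an extractor that runs as root, the member name itself has to be checked before any file is created. The helper `member_name_is_safe` is hypothetical, the sample names are constructed, and treating `\` as a separator is an assumption about DOS-era archive names.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not taken from unarj: returns 1 when an archive
 * member name is safe to create below the extraction directory, 0 otherwise.
 * Both '/' and '\\' count as separators (assumption: names may come from
 * DOS-era archives). */
int member_name_is_safe(const char *name)
{
    const char *p = name;

    if (name == NULL || *name == '\0')
        return 0;                        /* empty name */
    if (*name == '/' || *name == '\\')
        return 0;                        /* absolute path */
    if (name[1] == ':')
        return 0;                        /* DOS drive prefix such as C: */

    while (*p != '\0') {
        size_t len = strcspn(p, "/\\");  /* length of this component */
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return 0;                    /* ".." component climbs out */
        p += len;
        if (*p != '\0')
            p++;                         /* skip the separator */
    }
    return 1;
}

int main(void)
{
    /* Constructed sample names, not from a real archive. */
    const char *samples[] = {
        "docs/readme.txt", "../../../../etc/passwd", "/etc/passwd",
        "a/../../b", "notes..txt", "..\\..\\boot.ini", "C:\\autoexec.bat"
    };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-28s %s\n", samples[i],
               member_name_is_safe(samples[i]) ? "extract" : "REJECT");
    return 0;
}
```

The check is purely lexical and gives the same answer for root and for an unprivileged user; it does not cover symlinks that already exist inside the extraction directory.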