Full Disclosure mailing list archives

Re: Samba Remote Zero-Day Exploit

From: paul.szabo () sydney edu au
Date: Sun, 7 Feb 2010 07:59:48 +1100

Dear Marx,

This is an interesting point of view.


I had replied to you personally only, you should not have posted my
reply to any mailing lists. But since you posted... yes my views are
interesting, should be studied and followed, for enlightenment :-)

However u haven't answered my question. Is there an option to enable
a traversal or lets say chdir to a path outside of the configured
enviroment which is disabled by default?


No I do not think there is an option to allow chdir to outside.
(Please scritunize docs and sources, I may have missed something.)

Cheers, Paul

Paul Szabo   psz () maths usyd edu au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Samba Remote Zero-Day Exploit, (continued)
- - - Re: Samba Remote Zero-Day Exploit Dan Kaminsky (Feb 06)
    - Re: Samba Remote Zero-Day Exploit Michael Wojcik (Feb 09)
    - Re: Samba Remote Zero-Day Exploit Stefan Kanthak (Feb 09)
    - Re: Samba Remote Zero-Day Exploit Michael Wojcik (Feb 09)
    - Re: Samba Remote Zero-Day Exploit Stefan Kanthak (Feb 10)
  - Re: Samba Remote Zero-Day Exploit Thierry Zoller (Feb 06)
    - Re: Samba Remote Zero-Day Exploit paul . szabo (Feb 06)
    - Re: Samba Remote Zero-Day Exploit Krzysztof Halasa (Feb 09)
- Samba Remote Zero-Day Exploit marxclou (Feb 06)
- Re: Samba Remote Zero-Day Exploit marxclou (Feb 06)
  - Re: Samba Remote Zero-Day Exploit paul . szabo (Feb 06)
- Re: Samba Remote Zero-Day Exploit paul . szabo (Feb 06)
  - Re: Samba Remote Zero-Day Exploit David Jacoby (Feb 10)
- Re: Samba Remote Zero-Day Exploit marxclou (Feb 06)