Full Disclosure mailing list archives
/etc/passwd corruption
From: halfdog <me () halfdog net>
Date: Tue, 25 Jan 2011 19:41:30 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello List, On ubuntu lucid, I found a way to add corrupted entries to /etc/passwd e.g. "AAA\n", but not to /etc/shadow. Does someone know a way to use that for privilege escalation? What is the "+" line handling in /etc/passwd for? - -- http://www.halfdog.net/ PGP: 156A AE98 B91F 0114 FE88 2BD8 C459 9386 feed a bee -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFNPyd1xFmThv7tq+4RAtVLAJ44RJHARRd9epWky3NlcSCpKjVpjQCfUN9U IAO/YraGElqW94OJWpVCKSk= =q/kZ -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- /etc/passwd corruption halfdog (Jan 25)
- Re: /etc/passwd corruption John Jacobs (Jan 25)
- <Possible follow-ups>
- Re: /etc/passwd corruption Benji (Jan 25)