From: core at bokeoa.com (Charles 'core' Stevenson)
Subject: Sharutils buggy?

Well you could check out some e-mail programs etc... Imagine that an attacker sends e-mail to root@...e.host with a uuencoded attachment. The attacker has local access to the machine and knows that root's e-mail program calls system("uudecode %s",file) would allow the attacker to set up the uuencode file in such a fashion as to make this work... whether such a case exists is pure speculation. But out of boredom I've attached a theoretical exploit.

peace,
core

martin f krafft wrote:
> I'd like to get some educated thoughts and opinions on a recently found
> potential bug:
>
> http://www.aerasec.de/security/index.html?lang=en&id=ae-200205-037
> http://online.securityfocus.com/bid/4742
> http://www.aerasec.de/security/index.html?lang=en&id=ae-200205-049
> http://www.aerasec.de/security/index.html?lang=en&id=ae-200204-033
> http://bugs.debian.org/149454
> http://www.kb.cert.org/vuls/id/336083
>
> cheers,
>

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: uudecode.sh
Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20020715/631943bf/uudecode.ksh
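
Added example, not part of the original message or of sharutils: the uuencode format lets the sender pick the output file name in its `begin` line, so a program that hands untrusted mail straight to `uudecode` writes wherever the sender says. This sketch inspects that header and decodes into a caller-chosen directory instead; the function names, `PAYLOAD` and `SAMPLE` are constructed for illustration.

```python
import binascii
import os
import re
import tempfile

# "begin MODE NAME" is the uuencode header; NAME is chosen by the sender.
BEGIN_RE = re.compile(rb"^begin ([0-7]{3,4}) (.+)$")

def parse_header(data: bytes):
    """Return (mode, name, body_lines) for the first uuencode header found."""
    lines = data.splitlines()
    for i, line in enumerate(lines):
        m = BEGIN_RE.match(line)
        if m:
            name = m.group(2).decode("utf-8", "replace")
            return int(m.group(1), 8), name, lines[i + 1:]
    raise ValueError("no uuencode 'begin' line")

def name_problems(name: str):
    """List reasons the sender-supplied output name must not be used as-is."""
    problems = []
    if os.path.isabs(name):
        problems.append("absolute path")
    if ".." in name.split("/"):
        problems.append("parent-directory component")
    if "/" in name:
        problems.append("directory component")
    return problems

def safe_decode(data: bytes, outdir: str) -> str:
    """Decode into outdir under the header's basename, never onto an existing path."""
    _mode, name, body = parse_header(data)  # header mode is ignored on purpose
    base = os.path.basename(name.rstrip("/"))
    if base in ("", ".", ".."):
        raise ValueError("unusable output name: %r" % name)
    path = os.path.join(outdir, base)
    # O_EXCL refuses existing files, symlinks and FIFOs planted at the target.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    with os.fdopen(os.open(path, flags, 0o600), "wb") as out:
        for line in body:
            if line == b"end":
                break
            if line:
                out.write(binascii.a2b_uu(line))
    return path

# Constructed sample: a header that names an absolute path.
PAYLOAD = b"constructed sample\n"
SAMPLE = b"begin 644 /tmp/outfile\n" + binascii.b2a_uu(PAYLOAD) + b"`\nend\n"

if __name__ == "__main__":
    print(name_problems(parse_header(SAMPLE)[1]))
    with tempfile.TemporaryDirectory() as d:
        print(safe_decode(SAMPLE, d))
```
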