lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <200403022047.i22Kl5oE017012@turing-police.cc.vt.edu>
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: Smashing "XBoard 4.2.7(All versions)" For Fun & Profit.*Unpublish ed Local Stack Overflow Vulnerablity! 

On Tue, 02 Mar 2004 12:01:08 +0300, d4rk <d4rk@...uritylab.ru>  said:

> /* or if root is your friend, u can ask him to do it. */

Never underestimate the power of social engineering.  I've seen systems
r00ted by getting the admin to 'cd' over to a directory to examine a 'failing'
program.  Files like .exrc, .dbxrc/.dbxinit, and .gdbinit can all be used for mischief
with an unsuspecting sysadmin....

"Yep... got an a.out here, got a core here.. 'gdb' and type 'where'. Hmm..
see right there? You got a SEGV because you had a null pointer.." (Yes, and
you, mr admin, just got someting more fun than a SEGV when that .gdbinit file
in the current directory did something.. ;)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040302/2341850a/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ