From: james.greenhalgh at worldpay.com (James Greenhalgh)
Subject: Unsecure file permission of ZoneAlarm pro.
 (ZA will fail to load)

Chris Smith wrote:
> On Mon, 23 Aug 2004 07:11, bipin gautam wrote:
> 
>>Not really, I've discovered a NTFS feature (BUG?).
>>well... If you have system/administrative privileges
>>in a disk.... you can read/modify a file even though
>>it has "EVERYONE: DENY" permission set.
> 
> 
> OMFG!! REISERFS HAS THE SAME EXPLOIT!!!!
> 
> CHECK OUT MY POC!
> 
> chris@...is h4x0r $ echo "bipin sucks" >> hax
> chris@...is h4x0r $ chmod -rwx hax
> chris@...is h4x0r $ ls -alo hax
> ----------  1 chris 12 Aug 23 21:58 hax
> chris@...is h4x0r $ cat hax
> cat: hax: Permission denied
> chris@...is h4x0r $ sudo cat hax
> bipin sucks
> chris@...is h4x0r $

Chris - it's worse than we thought.  Looks like EXT3 suffers the same 
problem:

jamesgr@...dius:~> echo "4m cl3v4r" >> wtf
jamesgr@...dius:~> chmod -rwx wtf
jamesgr@...dius:~> ls -l wtf
----------  1 jamesgr users 10 2004-08-23 12:01 wtf
jamesgr@...dius:~> su
Password:
gradius:/home/jamesgr # cat wtf
4m cl3v4r
gradius:/home/jamesgr #

Obviously they must both be derived from the same code.  An IBM employee 
has clearly contributed this code simultaneously to BSD (which Microsoft 
has innocently used) and Linux, copied from UNIX(R) source which SCO owns!

THE SKY IS FALLING!  Please don't hurt me SCO!

