lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <13760.1249398586@turing-police.cc.vt.edu>
Date: Tue, 04 Aug 2009 11:09:46 -0400
From: Valdis.Kletnieks@...edu
To: full-disclosure@...ts.grok.org.uk
Subject: Re: PHP Fuzzer Framework Insecure File
	Creation/Execution Vulnerability

On Mon, 03 Aug 2009 16:03:13 EDT, elliot_mb@...hmail.com said:
> VI. VENDOR RESPONSE
> 
> Vendor was uninterested in fixing the issue.

Probably because PFF is usually run from a laptop or single-user workstation,
and you need a shell on the system already for this exploit to work. So it's
really not a big deal unless you're an insider who shouldn't have been trusted
with an account on the machine in question, or you've also got *another*
way to get access to the box.

> #include <sys/inotify.h>
>    struct inotify_event e;
>    n = inotify_init();
>    w = inotify_add_watch(n, "/tmp/PFF", IN_CREATE);

Bonus points for using inotify.. but...

> * DONT HIRE NIGGERS, THEY BRING ONLY FAILURE.

Oddly enough, the guys in charge who brought the South a loss were all white...

Content of type "application/pgp-signature" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ