On 03-Sep-2001 auto300526at_private wrote: > > fully disclose this. > I will leave you with this HPUX 11 local root exploit code. /usr/sbin/sw* > are all setuid root by default and all contain buffer overflows. I didn't > bother notifying HP about this at all. I just don't give a fuck. I would if it worked. It doesn't. $ ./swexploit ...lots of gunk... ,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~,€~ ,€~,€~,€~,€~,€~,€~,€~,€~,€[" was found to be greater than 1024 bytes in length. This program ERROR: Command line parsing failed. $ uname -a HP-UX happy B.11.00 A 9000/780 2016244097 two-user license $ Stefaan -- Please visit our Webster http://xxxxxxxx.xxxx.xxx, write or e-mail to X&x promptly,if you are interested.And X&x shall be pleased to render you any further services. -- Spam from China
This archive was generated by hypermail 2b30 : Tue Sep 04 2001 - 10:03:14 PDT