Re:Potential hole in Ettercap 0.6.2

From: w1re p4ir (w1rep4irat_private)
Date: Tue Dec 04 2001 - 11:44:54 PST

Next message: Melsa: "Re: Potential hole in Ettercap 0.6.2"

Previous message: Eric S. Raymond: "Re: Bug in fetchmail."
Maybe in reply to: Blue Boar: "Potential hole in Ettercap 0.6.2"
Next in thread: ALoR: "Re:Potential hole in Ettercap 0.6.2"
Next in thread: Melsa: "Re: Potential hole in Ettercap 0.6.2"
Reply: ALoR: "Re:Potential hole in Ettercap 0.6.2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

It is not configured as default from their source forge distrobution files. I did find out that that using %s instead of %x caused it do dump the current working directory:
ettercap %s%s%s%s%s%s%s%s%s%s%s
ettercap 0.6.0 brought from the dark side of the net by ALoR and NaGA...

may the packets be with you...


Invalid host address PWD=/rootÄôÿt$,èy²þÿÄ Äôhèi²þÿÄôj
ettercap0.6.0Uåì
                PWD=/rootÄÄüShiÿèZÿÿÄôjÿèDbÿÿìÜ !!

Pretty strange no dbout, but since you can't run as a regular user no real security implications...
w1re


________________________________________________________
The Best News Source On The Web - http://www.disinfo.com

Next message: Melsa: "Re: Potential hole in Ettercap 0.6.2"
Previous message: Eric S. Raymond: "Re: Bug in fetchmail."
Maybe in reply to: Blue Boar: "Potential hole in Ettercap 0.6.2"
Next in thread: ALoR: "Re:Potential hole in Ettercap 0.6.2"
Next in thread: Melsa: "Re: Potential hole in Ettercap 0.6.2"
Reply: ALoR: "Re:Potential hole in Ettercap 0.6.2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Dec 04 2001 - 12:13:59 PST