[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] unarj dir-transversal bug (../../../..)

To: Chris Umphress <umphress@xxxxxxxxx>
Subject: Re: [Full-Disclosure] unarj dir-transversal bug (../../../..)
From: <doubles@xxxxxxxx>
Date: Tue, 12 Oct 2004 00:49:53 -0700

On Mon, 11 Oct 2004 12:50:20 -0700 Chris Umphress <umphress@xxxxxxxxx>
wrote:
>  chris@chris:~/test$ arj a test.arj ../../../usr/local/bin/test.txt

ya have ''.'' in yar PATH! bwahahahah!

>Apart from it removing one "../" from the filename I gave it, it
>worked exactly as I expected.

dis is powerfull security whole! im writting a exploit for it right now
in visual cobol!

czech this out::

http://www.security.nnov.ru/search/news.asp?binid=1320
http://www.securityfocus.com/bid/5835/info/
http://www.securityfocus.com/bid/7550/info/
http://rhn.redhat.com/errata/RHSA-2002-096.html
http://www.debian.org/security/2003/dsa-344
http://www.2600.com

doubles

Concerned about your privacy? Follow this link to get
secure FREE email: http://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434

Promote security and make money with the Hushmail Affiliate Program: 
http://www.hushmail.com/about-affiliate?l=427

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] unarj dir-transversal bug (../../../..)
  - From: Harry de Grote

Prev by Date: Re: [Full-Disclosure] unarj dir-transversal bug (../../../..)
Next by Date: Re: [Full-Disclosure] Denial of service in KitchenAid blenders
Previous by thread: Re: [Full-Disclosure] [OT] unarj dir-transversal bug (../../../..)
Next by thread: Re: [Full-Disclosure] unarj dir-transversal bug (../../../..)
Index(es):
- Date
- Thread