[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] /etc/passwd corruption

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] /etc/passwd corruption
From: halfdog <me@xxxxxxxxxxx>
Date: Tue, 25 Jan 2011 19:41:30 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello List,

On ubuntu lucid, I found a way to add corrupted entries to /etc/passwd
e.g. "AAA\n", but not to /etc/shadow. Does someone know a way to use
that for privilege escalation? What is the "+" line handling in
/etc/passwd for?

- -- 
http://www.halfdog.net/
PGP: 156A AE98 B91F 0114 FE88  2BD8 C459 9386 feed a bee
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFNPyd1xFmThv7tq+4RAtVLAJ44RJHARRd9epWky3NlcSCpKjVpjQCfUN9U
IAO/YraGElqW94OJWpVCKSk=
=q/kZ
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] /etc/passwd corruption
  - From: John Jacobs

Prev by Date: [Full-disclosure] [USN-1047-1] AWStats vulnerability
Next by Date: Re: [Full-disclosure] sourceforge entry point seems still active.
Previous by thread: [Full-disclosure] [USN-1047-1] AWStats vulnerability
Next by thread: Re: [Full-disclosure] /etc/passwd corruption
Index(es):
- Date
- Thread