Date: Thu, 10 Sep 1998 08:43:13 -0500 From: "Jeffrey J. Mountin" <jeff-ml@mountin.net> To: Jay Tribick <netadmin@fastnet.co.uk>, freebsd-security@FreeBSD.ORG Subject: Re: Err.. cat exploit.. (!) Message-ID: <3.0.3.32.19980910084313.011f48f0@207.227.119.2> In-Reply-To: <Pine.BSF.3.96.980910115926.408V-100000@bofh.fast.net.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
At 12:07 PM 9/10/98 +0100, Jay Tribick wrote: > >Hi All.. > >Was just having a look in /var/log the other day and spotted >a file called sendmail.st, wondering what it was I cat'd it >and here's what it did: > >bofh$ cat sendmail.st >`ay5habf33*`ma}`)`Jj]: Jsu-2.01$ xtermxterm >su: xtermxterm: command not found >bofh$ > >This seems quite scarey to me, couldn't someone embed 'rm -rf /' >within a text file and then, if root cats the file it nukes >their system? > >Here's an 'od' dump of the file, unfortunately I don't have the >time to investigate this further: > >bofh$ od sendmail.st --snip-- > >bofh$ uname -a >FreeBSD server1.fastnet.co.uk 2.2.6-RELEASE FreeBSD 2.2.6-RELEASE #0: Mon >Jun 22 17:33:00 BST 1998 >kronus@anarchy.fast.net.uk:/usr/src/sys/compile/ANARCHY i386 It is a binary file. The sendmail.st file is used for mailer stats for sendmail ala mailstats: # mailstats Statistics from Thu Sep 3 05:10:01 1998 M msgsfr bytes_from msgsto bytes_to msgsrej msgsdis Mailer 3 2060 6227K 45 60K 0 0 local 5 0 0K 2073 6207K 0 0 esmtp ============================================================= T 2060 6227K 2118 6267K 0 0 Terminals don't like it when you cat a binary. Jeff Mountin - Unix Systems TCP/IP networking jeff@mountin.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.3.32.19980910084313.011f48f0>