Re: DebPloit (exploit)
From: Florian Weimer (Weimer@CERT.UNI-STUTTGART.DE)Date: 03/26/02
- Previous message: Jan Willem Boer: "Re: How Outlook 2002 can still execute JavaScript in an HTML email message"
- Maybe in reply to: David Wentworth: "Re: DebPloit (exploit)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 26 Mar 2002 12:50:33 +0100 From: Florian Weimer <Weimer@CERT.UNI-STUTTGART.DE> To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
For our own use, we have rewritten DPfix in Ada so that we have
complete source code for this tool. (DPfix by Radim "EliCZ" Picha
changes the erratic ACL so that it allows access for SYSTEM only.) As
of now, we have not encountered any side effects in our setup.
Our tool is slightly more general (you have to pass the process and
object name on the command line), and it does not require any user
interaction, so it is suitable for startup scripts.
Further information, full Ada source code, and a precompiled binary is
available at:
http://CERT.Uni-Stuttgart.DE/people/fw/tools/chsystem/
-- Florian Weimer Weimer@CERT.Uni-Stuttgart.DE University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT +49-711-685-5973/fax +49-711-685-5898
- Previous message: Jan Willem Boer: "Re: How Outlook 2002 can still execute JavaScript in an HTML email message"
- Maybe in reply to: David Wentworth: "Re: DebPloit (exploit)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
