24 Nov
2000
24 Nov
'00
12:35
...
Not quite. The "exploit" is trivial:
cd / ping6 -I ';chmod 777 .' ls -lad .
You don't need any kind of script. But: ping6 is the only program known so far that could trigger the loading of modules with arbitrary names. ... Hmm, as far as my SuSE 7 Pro is concerned the module is always loaded and I found no cronjob or whatever which does some rmmod -a. So as long as I dunno unload it's not exploitable anyway - or did I miss the point?
Tobias