[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Re: Advisory 04/2004: Net(Free)BSD Systrace local root vulnerability

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] Re: Advisory 04/2004: Net(Free)BSD Systrace local root vulnerability
From: spender@xxxxxxxxxxxxxx
Date: Tue, 11 May 2004 00:26:38 -0400

Just to clarify, this advisory does not involve either of the two 
vulnerabilities that I discovered over a year ago now that still remain 
unpatched.  The one bug is a local root on Linux, NetBSD, FreeBSD, 
OpenBSD, and Mac OS X, and any other OS systrace is ported to in the 
future.  The other bug is a complete bypass of systrace's "security" on 
Linux.

Maybe keep looking Stefan ;)
If you can find them, I'll release my fulling working MENU-BASED 
exploit.  Actually, I was quite upset at first that someone had killed 
my bug but then I read the advisory closer and realized it was a 
different local root, imagine that ;)  It amazes me that Niels has known 
a local root vulnerability has existed in his code for over a year and 
yet he hasn't even bothered to audit his own code, but instead continues 
to promote it.

http://monkey.org/openbsd/archive/misc/0304/msg01400.html
"I am looking forward to his local root exploit for systrace."
Sorry Niels, no such luck today :(
It was close!

-Brad

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: RE: [Full-Disclosure] Learn from history?
Next by Date: Re: [Full-Disclosure] Registry Watcher
Previous by thread: [Full-Disclosure] UPDATED OpenServer 5.0.5 OpenServer 5.0.6 OpenServer 5.0.7 : X sessions which are not started by scologin cannot use the X authorization protocol
Next by thread: [Full-Disclosure] Re: Advisory 04/2004: Net(Free)BSD Systrace local root vulnerability
Index(es):
- Date
- Thread