[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Linux kernel exploit
- To: Rem7ter <rem7ter@xxxxxxxxx>
- Subject: Re: [Full-disclosure] Linux kernel exploit
- From: mezgani ali <handrix@xxxxxxxxx>
- Date: Wed, 8 Dec 2010 09:05:51 +0000
it's worked on 2.6.35.7, nice exploit
On Wed, Dec 8, 2010 at 6:09 AM, Rem7ter <rem7ter@xxxxxxxxx> wrote:
> Why gcc exp.c -o exp alert "Error: too many Argument"? I test it in Linux
> 2.6.X.
>
> 2010/12/7 coderman <coderman@xxxxxxxxx>
>
> On Tue, Dec 7, 2010 at 12:25 PM, Dan Rosenberg
>> <dan.j.rosenberg@xxxxxxxxx> wrote:
>> > ... I've included here a proof-of-concept local privilege escalation
>> exploit...
>> > * This exploit leverages three vulnerabilities to get root, all of
>> which were
>> > * discovered by Nelson Elhage:
>> >...
>> > * However, the important issue, CVE-2010-4258, affects everyone, and it
>> would
>> > * be trivial to find an unpatched DoS under KERNEL_DS and write a
>> slightly
>> > * more sophisticated version of this...
>>
>> nice :)
>>
>> clearly demonstrates why risk is complicated and seemingly minor
>> defects (worth delaying patches for weeks/months? ;) can combine into
>> truly ugly vulnerabilities...
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
--
Ali MEZGANI
Network Engineering/Security
http://securfox.wordpress.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/