[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Happy Birthday FreeBSD! Now you are 20 years old and your security is the same as 20 years ago... :)
- To: "Hunger" <hunger@xxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Happy Birthday FreeBSD! Now you are 20 years old and your security is the same as 20 years ago... :)
- From: "Steven Hartland" <killing@xxxxxxxxxxxxxxx>
- Date: Wed, 19 Jun 2013 23:12:15 +0100
You mean patched:-
http://www.freebsd.org/security/advisories/FreeBSD-SA-13:06.mmap.asc
----- Original Message -----
From: "Hunger" <hunger@xxxxxxxxx>
$ uname -a
FreeBSD fbsd91x64 9.1-RELEASE FreeBSD 9.1-RELEASE #0 r243825: Tue Dec
4 09:23:10 UTC 2012
root@xxxxxxxxxxxxxxxxxxxxxxx:/usr/obj/usr/src/sys/GENERIC amd64
$ id
uid=1001(hunger) gid=1002(hunger) groups=1002(hunger)
$ gcc fbsd9lul.c -o fbsd9lul
$ ./fbsd9lul
FreeBSD 9.{0,1} mmap/ptrace exploit
by Hunger <fbsd9lul@xxxxxxxxx>
# id
uid=0(root) gid=0(wheel) egid=1002(hunger) groups=1002(hunger)
#
--------------------------------------------------------------------------------
_______________________________________________
freebsd-hackers@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@xxxxxxxxxxx"
================================================
This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it.
In the event of misdirection, illegible or incomplete transmission please
telephone +44 845 868 1337
or return the E.mail to postmaster@xxxxxxxxxxxxxxx.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/