Bugtraq archives for 4th quarter (Oct-Dec) 1996: Re: Linux & BSD's umount exploit

Re: Linux & BSD's umount exploit

David J. Meltzer (davemiss.net)
Wed, 30 Oct 1996 13:33:39 -0500

> There is a bug in Berkeley-derived umount, which allows an attacker to
> get root access (see freebsd-security for details). Here is an exploit for
> Linux (tested on 2.0.XX), for BSD (tested on FreeBSD 2.1) and a quick
> solution.
>

This is not a new hole; this is the same buffer overflow that was found
months ago and that others published on bugtraq and elsewhere quite a
while ago.  This is also the same thing that a CERT vendor bulletin was
issued on.
As for the exploit, this is the 3rd one I have seen that duplicates the
functionality of the original sno.c code that was used to exploit it.

Dave

--------------------------------+---------------------
       David J. Meltzer         | Email: davemiss.net
       Systems Engineer         |   Web:   www.iss.net
Internet Security Systems, Inc. |   Fax: (770)395-1972