Subject: Sendmail & procmail local root exploits on Linux kernel up to 2.2.16pre5
From: Wojciech Purczynski (wpELZABSOFT.PL)
Date: Fri Jun 09 2000 - 01:59:36 CDT


A few days ago, while I was coding my kernel module, I discovered a problem
with the Linux capability model. My idea was to drop the inheritable capability
set as a non-root user and then execute some setuid-root program that would
be unable to drop its privileges.

I wrote two versions of proof-of-concept exploits. The day after, I
contacted Linux and sendmail developers. They created patches that have
been available since yesterday. Procmail developers have been contacted,
as well, since procmail is also affected by this kernel bug.

Exploits are attached to this message.

-wp

+--------------------------------------------------------------------+
| Wojciech Purczynski wpelzabsoft.pl http://www.elzabsoft.pl/~wp |
| GSM: +48604432981 Linux Administrator SMS: wp-smselzabsoft.pl |
+------ Public GnuPG Key: http://www.elzabsoft.pl/~wp/gpg.asc ------+
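
The defensive side of the failure described in this message, as an added example that is not part of the original post and is not the Linux, sendmail or procmail patch: a setuid-root program should treat a privilege drop as complete only after verifying it. The function name drop_privileges and the choice of the invoking user as the unprivileged identity are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Added example (hypothetical helper, not from the original post):
 * permanently switch a setuid-root process to uid/gid and prove that
 * the switch took effect. Returns 0 only when the drop is verified,
 * -1 otherwise. Supplementary groups are not handled here.
 */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Group first: once the UID is gone, setgid() is no longer permitted. */
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)
        return -1;

    /* A zero return value is not proof; read the IDs back. */
    if (getgid() != gid || getegid() != gid)
        return -1;
    if (getuid() != uid || geteuid() != uid)
        return -1;

    /* If root can be regained, the drop was not permanent. */
    if (uid != 0 && setuid(0) == 0)
        return -1;

    return 0;
}

int main(void)
{
    /* Assumption: the unprivileged identity is the invoking user. */
    if (drop_privileges(getuid(), getgid()) != 0) {
        fprintf(stderr, "cannot drop privileges, refusing to continue\n");
        return EXIT_FAILURE;
    }
    printf("running as uid=%d euid=%d\n", (int)getuid(), (int)geteuid());
    return EXIT_SUCCESS;
}
```

A caller that gets -1 back should exit immediately rather than continue with whatever identity it still holds.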