[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 11 Nov 2004 13:12:03 +1000
From: Ted Percival <ted@...hp.com.au>
To: security@...c.pl
Cc: full-disclosure@...ts.netsys.com, bugtraq@...urityfocus.com
Subject: Re: Linux ELF loader vulnerabilities
These vulnerabilities appear to exist in 2.6.9 as well. All five buggy
lines appear verbatim in the 2.6.9 source.
Ted Percival
Paul Starzetz wrote:
> Synopsis: Linux kernel binfmt_elf loader vulnerabilities
> Product: Linux kernel
> Version: 2.4 up to to and including 2.4.27, 2.6 up to to and
> including 2.6.8
> Vendor: http://www.kernel.org/
> URL: http://isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt
> CVE: not assigned
> Author: Paul Starzetz <ihaquer@...c.pl>
> Date: Nov 10, 2004
>
> Issue:
> ======
>
> Numerous bugs have been found in the Linux ELF binary loader while
> handling setuid binaries.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists