lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <4060B2C0.2030907@immunitysec.com>
Date: Tue, 23 Mar 2004 16:57:20 -0500
From: Dave Aitel <dave@...unitysec.com>
To: bugtraq@...urityfocus.com
Subject: Immunity Advisory: Solaris local kernel root


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Immunity Research has released an Advisory from the Vulnerability
Sharing Club into the public domain. This advisory can be found at
http://www.immunitysec.com/downloads/solaris_kernel_vfs.sxw.pdf

Technical Summary: There is a vulnerability in Solaris that allows
local users to load kernel modules without being root. This is handy
for getting around things like Argus Pitbull (if it still existed) or
Okena or Entercept or anything like that, or simply for just taking
root. An exploit for this was released as part of the Shellcoder's
Handbook.

There is a Solaris patch that appears to make this exploit ineffective.
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57479&zone_32=category%3Asecurity

Dave Aitel
Immunity, Inc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFAYLLAzOrqAtg8JS8RAlAjAJ45hjylqVhj0vpwe/UprJcoFeg2cACgr/cc
yKS6ZtgsjiQhXwjw3hpMmpE=
=SrMq
-----END PGP SIGNATURE-----



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ