| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1830E3E7BB613147A6379B2F61B9EA891CF32803@mail.medimpact.com> Date: Tue, 5 Jul 2005 13:38:50 -0700 From: "Glenn Pitcher" <Glenn.Pitcher@...Impact.com> To: "'KF (lists)'" <kf_lists@...italmunition.com>, full-disclosure@...ts.grok.org.uk Cc: bugtraq@...urityfocus.com Subject: RE: Solaris 9/10 ld.so fun I compiled it using Workshop 10 and it doesn't give me root. I'm on Solaris 9 w/ 112963-18. Also tried using this on a Solaris 8 box and got the same results. bash-2.05$ !cc cc -xarch=v8plus -xcode=pic32 -G -o /tmp/Schily-Root.so /tmp/Schily-Root.c bash-2.05$ !export export LD_AUDIT=/tmp/Schily-Root.so bash-2.05$ su - ld.so.1: su: warning: la_version: can't find symbol ld.so.1: su: warning: /tmp/Schily-Root.so: audit initialization failure: disabled --- Glenn Pitcher IT Security MedImpact Healthcare Systems San Diego, CA 858-790-7479 glenn.pitcher @ medimpact.com > -----Original Message----- > From: KF (lists) [mailto:kf_lists@...italmunition.com] > Sent: Saturday, July 02, 2005 5:29 PM > To: full-disclosure@...ts.grok.org.uk > Cc: Przemyslaw Frasunek; bugtraq@...urityfocus.com > Subject: Re: [Full-disclosure] Solaris 9/10 ld.so fun > > > Przemyslaw Frasunek wrote: > > >Vulnerability was confirmed by Sun: > > > >http://sunsolve.sun.com/search/document.do?assetkey=1-26-101794-1 > > > >There are still no patches available, but workaround was proposed. > > > > > > > > Here is an exploit for Schillix using venglin's mojo. > -KF > > ------------------------------------------------------------------------------ This transmission, together with any attachments, is intended only for the use of those to whom it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any distribution or copying of this transmission is strictly prohibited. If you received this transmission in error, please notify the original sender immediately and delete this message, along with any attachments, from your computer. ============================================================================== _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists