lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <4B1455EC.3030103@covertinferno.org> Date: Mon, 30 Nov 2009 15:31:56 -0800 From: phantomcircuit <phantomcircuit@...ertinferno.org> To: full-disclosure@...ts.grok.org.uk Subject: Re: ** FreeBSD local r00t zeroday Confirmed on 7.2-RELEASE-p4 fully patched according to freebsd-update. %sh exploit.sh Desktop env env.c exploit exploit.c exploit.sh payload.c payload.o private program.c program.o public public_html run.sh w00t.so.1.0 FreeBSD local r00t zeroday by Kingcope November 2009 env.c: In function 'main': env.c:5: warning: incompatible implicit declaration of built-in function 'malloc' env.c:9: warning: incompatible implicit declaration of built-in function 'strcpy' env.c:11: warning: incompatible implicit declaration of built-in function 'execl' /libexec/ld-elf.so.1: environment corrupt; missing value for /libexec/ld-elf.so.1: environment corrupt; missing value for /libexec/ld-elf.so.1: environment corrupt; missing value for /libexec/ld-elf.so.1: environment corrupt; missing value for /libexec/ld-elf.so.1: environment corrupt; missing value for ALEX-ALEX # id uid=1001(phantomcircuit) gid=20(staff) euid=0(root) groups=20(staff),0(wheel) # uname -a FreeBSD phantomcircuit.mine.nu 7.2-RELEASE-p4 FreeBSD 7.2-RELEASE-p4 #0: Fri Oct 2 12:21:39 UTC 2009 root@...6-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386 # _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists