lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHmME9rewhQcrWt2QV24__bBNjdFyQtE0BwG+DgQHd2N7YnO=w@mail.gmail.com> Date: Mon, 23 Jan 2012 00:25:24 +0100 From: "Jason A. Donenfeld" <Jason@...c4.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: Linux Local Root -- CVE-2012-0056 -- Detailed Write-up Server presently DoS'd, or dreamhost is tweaking again. Cache link: http://webcache.googleusercontent.com/search?hl=en&safe=off&biw=1009&bih=687&sclient=psy-ab&q=cache%3Ahttp%3A%2F%2Fblog.zx2c4.com%2F749&pbx=1&oq=cache%3Ahttp%3A%2F%2Fblog.zx2c4.com%2F749&aq=f&aqi=g4&aql=&gs_sm=e&gs_upl=1077l2167l0l2282l7l4l0l0l0l0l148l403l2.2l4l0 On Sun, Jan 22, 2012 at 19:19, Jason A. Donenfeld <Jason@...c4.com> wrote: > > Hey Everyone, > > I did a detailed write-up on exploiting CVE-2012-0056 that some of > y'all might appreciate. Pretty fun bug to play with -- dup2ing all > over the place for the prize of getting to write arbitrary process > memory into su :-). > > The write up is available on my blog here: http://blog.zx2c4.com/749 . Enjoy. > > Jason _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists