lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAH8yC8nHS1te-udXQyG743xMA80as-FcD3U7+JeEYVVUEt0DPw@mail.gmail.com> Date: Wed, 25 Jan 2012 22:33:50 -0500 From: Jeffrey Walton <noloader@...il.com> To: "Jason A. Donenfeld" <Jason@...c4.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Linux Local Root -- CVE-2012-0056 -- Detailed Write-up Ubuntu just released patches: [USN-1342-1] (http://www.ubuntu.com/usn/usn-1342-1/). On Sun, Jan 22, 2012 at 6:25 PM, Jason A. Donenfeld <Jason@...c4.com> wrote: > Server presently DoS'd, or dreamhost is tweaking again. > > Cache link: > > http://webcache.googleusercontent.com/search?hl=en&safe=off&biw=1009&bih=687&sclient=psy-ab&q=cache%3Ahttp%3A%2F%2Fblog.zx2c4.com%2F749&pbx=1&oq=cache%3Ahttp%3A%2F%2Fblog.zx2c4.com%2F749&aq=f&aqi=g4&aql=&gs_sm=e&gs_upl=1077l2167l0l2282l7l4l0l0l0l0l148l403l2.2l4l0 > > On Sun, Jan 22, 2012 at 19:19, Jason A. Donenfeld <Jason@...c4.com> wrote: >> >> Hey Everyone, >> >> I did a detailed write-up on exploiting CVE-2012-0056 that some of >> y'all might appreciate. Pretty fun bug to play with -- dup2ing all >> over the place for the prize of getting to write arbitrary process >> memory into su :-). >> >> The write up is available on my blog here: http://blog.zx2c4.com/749 . Enjoy. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists