[<prev] [next>] [day] [month] [year] [list]
Message-ID: <5475F051.6070305@upv.es>
Date: Wed, 26 Nov 2014 16:22:57 +0100
From: Hector Marco <hecmargi@....es>
To: full-disclosure@...ts.grok.org.uk, fulldisclosure@...lists.org,
bugtraq@...urityfocus.com
Subject: [FD] CVE-2014-5439 - Root shell on Sniffit [with exploit]
CVE-2014-5439 - Root shell on Sniffit
Sniffit is a packet sniffer and monitoring tool.
The attacker can create a specially-crafted sniffit configuration file,
which is able
to bypass all three protection mechanisms:
- Non-eXecutable bit NX
- Stack Smashing Protector SSP
- Address Space Layout Randomisation ASLR
And execute arbitrary code with root privileges.
Exploit, fix and discussion in:
http://hmarco.org/bugs/CVE-2014-5439-sniffit_0.3.7-stack-buffer-overflow.html
Regards,
Hector Marco.
http://hmarco.org
Cybersecurity researcher at:
http://cybersecurity.upv.es/
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists