lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Thu, 30 Apr 2015 12:31:48 -0600
From: Ian Neal <ineal@....edu>
To: Mark Felder <feld@...d.me>
Cc: fulldisclosure@...lists.org
Subject: Re: [FD] Mysterious CVE-2008-568 (Solaris)

It appears to be a simple typo; a quick search for "Linux Kernel Solaris
5.10 Local Root Exploit CVE" finds [1]; the CVE number is CVE-2008-5689.

[1] http://www.cvedetails.com/cve/CVE-2008-5689/

On Thu, Apr 30, 2015 at 11:58 AM, Mark Felder <feld@...d.me> wrote:

> It appears to me that CVE-2008-568 is rather hard to find information
> about, outside the public exploit [1] and advisory [2] issued by the
> team that found it. It's unknown to CVE sites probably because it's only
> referenced by 3 digits instead of 4. The patch README [3] doesn't seem
> to reference this issue at all. Does anyone know if it has a different
> CVE number or what happened here?
>
> [1] https://www.exploit-db.com/exploits/15962/
> [2] http://www.trapkit.de/advisories/TKADV2008-015.txt
> [3] https://getupdates.oracle.com/readme/README.138888-01
>
>
> _______________________________________________
> Sent through the Full Disclosure mailing list
> https://nmap.org/mailman/listinfo/fulldisclosure
> Web Archives & RSS: http://seclists.org/fulldisclosure/
>

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists