[Full-Disclosure] Re: Linux ELF loader vulnerabilities

From: Ted Percival (ted_at_mrphp.com.au)
Date: 11/11/04

  • Next message: Keith Oxenrider: "[Full-Disclosure] Re: Evidence Mounts that the Vote Was Hacked" 
    To: security@isec.pl
Date: Thu, 11 Nov 2004 13:12:03 +1000

    These vulnerabilities appear to exist in 2.6.9 as well. All five buggy
    lines appear verbatim in the 2.6.9 source.

    Ted Percival

    Paul Starzetz wrote:
    > Synopsis: Linux kernel binfmt_elf loader vulnerabilities
    > Product: Linux kernel
    > Version: 2.4 up to to and including 2.4.27, 2.6 up to to and
    > including 2.6.8
    > Vendor: http://www.kernel.org/
    > URL: http://isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt
    > CVE: not assigned
    > Author: Paul Starzetz <ihaquer@isec.pl>
    > Date: Nov 10, 2004
    >
    > Issue:
    > ======
    >
    > Numerous bugs have been found in the Linux ELF binary loader while
    > handling setuid binaries.

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Keith Oxenrider: "[Full-Disclosure] Re: Evidence Mounts that the Vote Was Hacked"

    Relevant Pages

    • Re: Updates - evolution issue with your Davids messages
      ... to recall many complaining that it was 'buggy' and the bugs were not ... Just about all software's buggy, but I've not heard before this thread ... I've tried on Linux, ... I do not even have a Fedora release installed. ...
      (Fedora)
    • Re: Linux ELF loader vulnerabilities
      ... All five buggy ... lines appear verbatim in the 2.6.9 source. ... Paul Starzetz wrote: ... > Numerous bugs have been found in the Linux ELF binary loader while ...
      (Bugtraq)
    • Re: Linux ELF loader vulnerabilities
      ... All five buggy ... lines appear verbatim in the 2.6.9 source. ... Paul Starzetz wrote: ... > Numerous bugs have been found in the Linux ELF binary loader while ...
      (Full-Disclosure)
    • Problem with two soundcards
      ... My Abit motherboard has an intergrated soundcard (cmedia pci). ... * the bios is buggy and doesn't allow me to disable this soundcard. ... * the linux driver is buggy: ...
      (comp.os.linux.hardware)
    • Re: Linux is Lame
      ... >> And the Linux ones, usually being Open Source, are often better, more ... >> featurful, less buggy, more configurable... ... That may be true but my point is that I think Linux *is* end-user ready. ... In order for more esoteric apps like video editors to become commonplace ...
      (alt.os.linux.redhat)