Re: [Full-disclosure] Linux kernel exploit



wait wait wait.

you dont have time to read header notes, but do have time to run code you
dont really know what it does on your system?

can I send you some code? it's a linux 2.6.* 0day, remote root.

On Mon, Dec 13, 2010 at 9:14 PM, Cal Leeming [Simplicity Media Ltd] <
cal.leeming@xxxxxxxxxxxxxxxxxxxxxxxx> wrote:

Sorry Dan, I did a very quick copy and paste job, without reading the
headers. I simply don't have time to read the code notes of every single
exploit released.

I would say that, if you are fed up with being inundated with emails, then
perhaps you should mark these notes very clearly in big red writing at the
top of the email like this, for those people who don't have much time to
read these notes ;)

On Mon, Dec 13, 2010 at 9:08 PM, <dan.j.rosenberg@xxxxxxxxx> wrote:

Please don't inundate me with e-mail because none of you bothered to read
the exploit header.

The exploit so far has a 100% success rate on the systems it was designed
to work on.

I don't think this is rocket science. If your distribution does not
compile Econet, then the exploit obviously won't be able to open an Econet
socket. This includes Arch Linux, Gentoo, Fedora, Red Hat, CentOS,
Slackware, and more. This doesn't mean you're not vulnerable, it just means
this particular exploit won't work.

If your distro doesn't export the relevant symbols (Debian), ditto above.

If your distro has patched the Econet vulnerabilities I used to trigger
this (Ubuntu), ditto above.

This was done on purpose, to avoid giving a weaponized exploit to people
who shouldn't have one.

-Dan


Sent from my Verizon Wireless BlackBerry

-----Original Message-----
From: "Cal Leeming [Simplicity Media Ltd]"
<cal.leeming@xxxxxxxxxxxxxxxxxxxxxxxx>
Sender: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
Date: Mon, 13 Dec 2010 20:40:45
To: Ariel Biener<ariel@xxxxxxxxxxxxxx>
Cc: <leandro_lista@xxxxxxxxxxxxxx>; <firebits@xxxxxxxxxxxxxxxx>; <
bugtraq@xxxxxxxxxxxxxxxxx>; <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Linux kernel exploit

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




--

Cal Leeming

Operational Security & Support Team

*Out of Hours: *+44 (07534) 971120 | *Support Tickets: *
support@xxxxxxxxxxxxxxxxxxxxxxxx
*Fax: *+44 (02476) 578987 | *Email: *cal.leeming@xxxxxxxxxxxxxxxxxxxxxxxx
*IM: *AIM / ICQ / MSN / Skype (available upon request)
Simplicity Media Ltd. All rights reserved.
Registered company number 7143564


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/