[NEWS] Phrack #58 Is Out

From: support@securiteam.com
Date: 01/04/02


From: support@securiteam.com
To: list@securiteam.com
Date: Fri,  4 Jan 2002 11:43:40 +0100 (CET)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -

  Phrack #58 Is Out
------------------------------------------------------------------------

SUMMARY

 <http://www.phrack.org/> Phrack Magazine is one of the longest running
electronic magazines in existence, and certainly one of the most
interesting.
Since 1985, Phrack has been providing the hacker community with
information on operating systems, networking technologies and telephony,
as well as relaying features of interest to the international computer
underground.
The Phrack Magazine team released a new issue of this Magazine, number 58.

DETAILS

Articles included in this issue:
 * Advanced return-into-lib(c) exploits (PaX case study)
 * Runtime binary encryption
 * Advances in kernel hacking
 * Linux on-the-fly kernel patching without LKM
 * Linux x86 kernel function hooking emulation
 * RPC without borders
 * Developing StrongARM/Linux shellcode
 * HP-UX (PA-RISC 1.1) Overflows
 * The Security of Vita Vuova's Inferno OS

ADDITIONAL INFORMATION

The information has been provided by <mailto:staff_rs@phrack.org>
Phrack's Staff.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.



Relevant Pages

  • [UNIX] Flaws Found in Recent Linux Kernels (newgrp, symblinks)
    ... Flaws Found in Recent Linux Kernels (newgrp, ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... An attacker can force the kernel to spend almost arbitrary amount of time ... script creates 5 symlinks, each of them containing 2*N+1 path elements. ...
    (Securiteam)
  • [UNIX] Linux Kernel File Offset Pointer Handling
    ... Get your security news from a reliable source. ... The Linux kernel offers a file handling API to the userland applications. ... One of the properties of the file object is something called 'file offset' ... about one page of un-initialized kernel memory and can be exploited to ...
    (Securiteam)
  • [UNIX] Kmail HTML Support Allows Spoofing of Emails Content
    ... Get your security news from a reliable source. ... system call handler in the 2.4 Linux Kernel on the AMD64 platform a local attacker can gain root access using a simple program. ... it contains the sources that the binary kernel rpm packages are created from. ... Since the kernel-source.rpm is an installable package that contains sources for the linux kernel, it is not the source RPM for the kernel RPM binary packages. ...
    (Securiteam)
  • Re: thoughts on kernel security issues
    ... major security figure and/or haven't donated your life to security and ... the developer and more focus on the development. ... That's pretty complex in terms of kernel code, ... > most of the extra patches that distribution kernels apply are patches ...
    (Linux-Kernel)
  • [NEWS] Phrack #59 Is Out
    ... The Phrack Magazine team released a new issue of this Magazine, ... * Advances in kernel hacking II ... The information in this bulletin is provided "AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
    (Securiteam)