Re: DJB's students release 44 *nix software vulnerability advisories

From: David F. Skoll (dfs_at_roaringpenguin.com)
Date: 12/21/04

  • Next message: Shiva Persaud: "Re: AIX 5.1/5.2/5.3 local root exploits (paginit issue)" 
    Date: Tue, 21 Dec 2004 14:59:15 -0500 (EST)
To: Jonathan T Rockway <jrockw2@uic.edu>

    On Mon, 20 Dec 2004, Jonathan T Rockway wrote:

    > Regarding local versus remote, look at it this way: You have a 100%
    > secure system. Then you install NASM. Now a user FROM THE NETWORK can
    > send you some tainted assembly code for you to assemble and he can
    > compromise your account.

    That's nonsense. If you have /bin/sh installed, I can send you a shell
    script FROM THE NETWORK that will give me root access if you run it.
    Therefore, every UNIX system on Earth has a remote hole, according to
    your definition.

    > Now in regards to full disclosure, I think you should all be happy
    > that we bothered to tell you all about these exploits. We could
    > have selfishly used them to compromise machines, but instead we
    > wrote them up and mailed them off to the users and the authors!

    Could you have? How, pray tell, would you compromise a machine with
    the NASM exploit? Even if you have a local account, the NASM exploit
    lets you run arbitrary code as... yourself. Big deal. 

    --
David.
  • Next message: Shiva Persaud: "Re: AIX 5.1/5.2/5.3 local root exploits (paginit issue)"