Re: openbsd 3.4 ps bug
From: Daniel (deadbeat_at_sdf.lonestar.org)
Date: 11/20/03
- Previous message: Kurt Seifried: "Re: openbsd 3.4 ps bug"
- In reply to: Kurt Seifried: "Re: openbsd 3.4 ps bug"
- Next in thread: Dom De Vitto: "RE: openbsd 3.4 ps bug"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 20 Nov 2003 17:51:01 +0000 (UTC) To: Kurt Seifried <bt@seifried.org>
On Thu, 20 Nov 2003, Kurt Seifried wrote:
> > the gdb it gave me the address 0x1c01c116 in ?? ().I don`t have the
> > time to confirm if the bug is exploitable or not but it is a big problem
> > because a user(id 1000+) can also do that.This is a report which will also
> > be submited in the bugtraq.It is also not confirmed that other versions
>
> Yes this creates a core dump. I fail to see how this is exploitable for
> additional privileges however as ps is not setuid/setgid (simply mode 0555).
> Can you please enlighten us as to how this is exploitable for additional
> privileges?
>
>
> Kurt Seifried, kurt@seifried.org
> A15B BEE5 B391 B9AD B0EF
> AEB0 AD63 0B4E AD56 E574
> http://seifried.org/security/
i didn't see him saying it was exploitable, as he didn't have time
to look
into it. yep your right, i dont see how any privledges can be gained from
this.
deadbeat
- Previous message: Kurt Seifried: "Re: openbsd 3.4 ps bug"
- In reply to: Kurt Seifried: "Re: openbsd 3.4 ps bug"
- Next in thread: Dom De Vitto: "RE: openbsd 3.4 ps bug"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
