|
Full Disclosure
mailing list archives
Re: Linux kernel exploit
From: coderman <coderman () gmail com>
Date: Tue, 7 Dec 2010 13:33:35 -0800
On Tue, Dec 7, 2010 at 12:25 PM, Dan Rosenberg
<dan.j.rosenberg () gmail com> wrote:
... I've included here a proof-of-concept local privilege escalation exploit...
* This exploit leverages three vulnerabilities to get root, all of which were
* discovered by Nelson Elhage:
...
* However, the important issue, CVE-2010-4258, affects everyone, and it would
* be trivial to find an unpatched DoS under KERNEL_DS and write a slightly
* more sophisticated version of this...
nice :)
clearly demonstrates why risk is complicated and seemingly minor
defects (worth delaying patches for weeks/months? ;) can combine into
truly ugly vulnerabilities...
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Re: Linux kernel exploit, (continued)
Re: Linux kernel exploit leandro_lista (Dec 08)
Re: Linux kernel exploit Vadim Grinco (Dec 09)
Re: Linux kernel exploit Jean Pierre Dentone (Dec 09)
Re: Linux kernel exploit Urlan (Dec 10)
Re: Linux kernel exploit coderman (Dec 07)
Re: Linux kernel exploit John Jacobs (Dec 08)
Re: Linux kernel exploit Sherif Mousa (Dec 09)
Re: Linux kernel exploit Kai (Dec 08)
(Thread continues...)
|
