Full Disclosure: Re: Symlink vulnerabilities

Re: Symlink vulnerabilities

From: Michal Zalewski <lcamtuf () coredump cx>
Date: Tue, 25 Oct 2011 16:04:51 -0700

You can make it bypass Aslr ?


No, you are absolutely correct, this vulnerability can't be used to
bypass ASLR. Score one for address space randomization.

/mz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Re: Symlink vulnerabilities, (continued)
- Re: Symlink vulnerabilities Tavis Ormandy (Oct 22)
  - Re: Symlink vulnerabilities bugs (Oct 22)
    - Re: Symlink vulnerabilities Leon Kaiser (Oct 24)
    - Re: Symlink vulnerabilities bugs (Oct 24)
- Re: Symlink vulnerabilities vladz (Oct 24)
  - Re: Symlink vulnerabilities xD 0x41 (Oct 25)
    - Re: Symlink vulnerabilities Tavis Ormandy (Oct 25)
    - Re: Symlink vulnerabilities bugs (Oct 25)
    - Re: Symlink vulnerabilities Tavis Ormandy (Oct 25)
    - Re: Symlink vulnerabilities xD 0x41 (Oct 25)
    - Re: Symlink vulnerabilities Michal Zalewski (Oct 25)
    - Re: Symlink vulnerabilities xD 0x41 (Oct 25)
    - Re: Symlink vulnerabilities Valdis . Kletnieks (Oct 25)
    - Re: Symlink vulnerabilities xD 0x41 (Oct 25)
    - Re: Symlink vulnerabilities Tavis Ormandy (Oct 25)
    - Re: Symlink vulnerabilities Michal Zalewski (Oct 25)
    - Re: Symlink vulnerabilities dave bl (Oct 26)
    - Re: Symlink vulnerabilities Ryan Sears (Oct 25)
    - Re: Symlink vulnerabilities bugs (Oct 26)
    - Re: Symlink vulnerabilities vladz (Oct 27)
    - Re: Symlink vulnerabilities xD 0x41 (Oct 27)
(Thread continues...)