Vulnerability Development: Re: Local root through vulnerability in ping on linux.

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: Local root through vulnerability in ping on linux.

From: "Bluefish (P.Magnusson)" <11a () GMX NET>
Date: Tue, 22 Aug 2000 15:51:38 +0200

However, this is NOT EXPLOITABLE, as far as I could tell; ping is not suid, and
this segfault requires root priveledges to attain (due to the necessity of a
raw socket).


[root () blue bluefish]# ls -l `which ping`
-rwsr-xr-x   1 root     root        14804 Apr  7  1999 /bin/ping

Nope, suid by default on rh. Unless my cute rh box is backdoored, but I
doubt it.

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team

By Date By Thread

Current thread:

Re: Local root through vulnerability in ping on linux., (continued)
- Re: Local root through vulnerability in ping on linux. Vitaly McLain (Aug 21)
  - Re: Local root through vulnerability in ping on linux. mmurray (Aug 21)
    - Re: Local root through vulnerability in ping on linux. Bluefish (P.Magnusson) (Aug 22)
    - Re: Local root through vulnerability in ping on linux. Daniel Roesen (Aug 22)
- Re: Local root through vulnerability in ping on linux. Jackson Bloomston (Aug 21)