Bugtraq mailing list archives
Re: Multiple OS kernel insecure handling of stdio file descriptor
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Thu, 18 Jan 2007 21:30:49 +0300
Dear XFOCUS Security Team,

A more complicated variant of this vulnerability (exhausting all available descriptors and closing a standard one) was reported by Joost Pol for BSD systems. It's very funny to see that commercial Unix variants were not checked against it and that the simplest variant of this attack was not fixed for 5 years.

See: http://security.nnov.ru/news1956.html

--Thursday, January 18, 2007, 5:21:52 PM, you wrote to full-disclosure () lists grok org uk:

XST> The affected OSes allow local users to write to or read from restricted
XST> files by closing the file descriptors 0 (standard input), 1 (standard
XST> output), or 2 (standard error), which may then be reused by a called
XST> setuid process that intended to perform I/O on normal files. An attack
XST> which exploits this vulnerability can possibly get root rights.

--
~/ZARAZA
http://security.nnov.ru/
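An added example, not part of the original message or of any vendor fix: a start-up check that a setuid program can run before opening any file, so that a descriptor 0, 1 or 2 closed by the caller is filled with /dev/null and cannot be handed out again by a later open(). The helper names fd_is_open and sanitize_std_fds are hypothetical.

```c
/* Added example: defensive start-up check for a privileged program. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical helper: 1 if fd refers to an open descriptor, else 0. */
int fd_is_open(int fd)
{
    return fcntl(fd, F_GETFD) != -1 || errno != EBADF;
}

/*
 * Hypothetical helper: make sure descriptors 0, 1 and 2 are all open before
 * the program opens any file of its own. A descriptor the caller closed is
 * pointed at /dev/null, so a later open() can never be handed 0, 1 or 2.
 * Returns 0 on success, -1 if a slot could not be filled (caller should exit).
 */
int sanitize_std_fds(void)
{
    for (int fd = 0; fd <= 2; fd++) {
        if (fd_is_open(fd))
            continue;
        /* open() returns the lowest free descriptor; 0..fd-1 are already
         * open at this point, so the result must be fd itself. */
        int nfd = open("/dev/null", O_RDWR);
        if (nfd != fd) {
            if (nfd >= 0)
                close(nfd);
            return -1;
        }
    }
    return 0;
}

int main(void)
{
    /* Call this first, before any privileged open() or stdio use. */
    if (sanitize_std_fds() != 0)
        _exit(127);   /* stderr may not be usable, so exit silently */
    int fd = open("/dev/null", O_RDONLY);  /* stands in for a sensitive file */
    printf("first file opened after the check got descriptor %d\n", fd);
    return fd > 2 ? 0 : 1;
}
```

The check belongs at the very top of main(), before any library call that might open a file or write a diagnostic.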