Dailydave mailing list archives
What are the bugs in execshield?
From: Dave Aitel <dave () immunityinc com>
Date: Fri, 17 Nov 2006 17:47:36 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Are these bugs in execshield itself, or bugs in random applications, or what? http://www.wired.com/news/technology/0,72133-0.html?tw=wn_index_3 Xpl017Elz's presentation focused on four (of a reported seven) attacks he developed against Red Hat's Fedora Core using ExecShield. He demonstrated privilege escalation, where a logged-in user can become root and take over the machine, and remote code execution, wherein an external attacker can gain root without a login. What Xpl017Elz hadn't done yet, he explained later through a translator, was notify Red Hat of his work. "This exploit code is not very critical," he explained. "This is a proof of concept." Later he conceded that it could be a significant vulnerability under some circumstances, but remained ambivalent about contacting Red Hat. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFFXjwHB8JNm+PA+iURApB4AJ4hzMj0VDhEpYWea8gKFRywDyBF8QCgkeFL /6MPu/fDsTsPgUgL9+n7AOA= =J+Ev -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- What are the bugs in execshield? Dave Aitel (Nov 17)