What are the bugs in execshield?

[Dave Aitel <dave () immunityinc com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Are these bugs in execshield itself, or bugs in random applications,
or what?

http://www.wired.com/news/technology/0,72133-0.html?tw=wn_index_3

Xpl017Elz's presentation focused on four (of a reported seven) attacks
he developed against Red Hat's Fedora Core using ExecShield. He
demonstrated privilege escalation, where a logged-in user can become
root and take over the machine, and remote code execution, wherein an
external attacker can gain root without a login.

What Xpl017Elz hadn't done yet, he explained later through a
translator, was notify Red Hat of his work. "This exploit code is not
very critical," he explained. "This is a proof of concept." Later he
conceded that it could be a significant vulnerability under some
circumstances, but remained ambivalent about contacting Red Hat.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFFXjwHB8JNm+PA+iURApB4AJ4hzMj0VDhEpYWea8gKFRywDyBF8QCgkeFL
/6MPu/fDsTsPgUgL9+n7AOA=
=J+Ev
-----END PGP SIGNATURE-----

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave