Full Disclosure mailing list archives
Re: Linux kernel exploit
From: coderman <coderman () gmail com>
Date: Tue, 7 Dec 2010 13:33:35 -0800
On Tue, Dec 7, 2010 at 12:25 PM, Dan Rosenberg <dan.j.rosenberg () gmail com> wrote:
... I've included here a proof-of-concept local privilege escalation exploit... * This exploit leverages three vulnerabilities to get root, all of which were * discovered by Nelson Elhage: ... * However, the important issue, CVE-2010-4258, affects everyone, and it would * be trivial to find an unpatched DoS under KERNEL_DS and write a slightly * more sophisticated version of this...
nice :) clearly demonstrates why risk is complicated and seemingly minor defects (worth delaying patches for weeks/months? ;) can combine into truly ugly vulnerabilities... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Linux kernel exploit, (continued)
- Re: Linux kernel exploit dave b (Dec 08)
- Re: Linux kernel exploit Ed Carp (Dec 08)
- Re: Linux kernel exploit nArEn ÁĹ0ПΞ Ŵ0ĹŦஇ (Dec 08)
- Re: Linux kernel exploit leandro_lista (Dec 08)
- Re: Linux kernel exploit Benji (Dec 08)
- Re: Linux kernel exploit David Flores (Dec 08)
- Re: Linux kernel exploit Rem7ter (Dec 08)
- Re: Linux kernel exploit Vadim Grinco (Dec 09)
- Re: Linux kernel exploit Jean Pierre Dentone (Dec 09)
- Re: Linux kernel exploit Urlan (Dec 10)
- Re: Linux kernel exploit Rem7ter (Dec 07)
- Re: Linux kernel exploit mezgani ali (Dec 08)
- Re: Linux kernel exploit Thomas SOETE (Dec 08)
- Re: Linux kernel exploit Dan Rosenberg (Dec 08)
- Re: Linux kernel exploit nix (Dec 08)
- Re: Linux kernel exploit Marcus Meissner (Dec 08)
- Re: Linux kernel exploit niklas | brueckenschlaeger (Dec 08)