Full Disclosure mailing list archives
Gain Access to SSH Group via ssh-agent and OpenSSL
From: halfdog <me () halfdog net>
Date: Fri, 29 Dec 2017 09:52:30 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hello List, Although for ssh-agent this is just a funny bug and no security problem, other software might be vulnerable to privilege escalation. And apart from escalation, the openssl code execution feature is a nice and very reliable way to load and hide code in SSL-enabled software. If done via ssh-agent, then this hidden code may not even be coredumped or debugged by normal users. https://www.halfdog.net/Security/2017/SshAgentGainGroupPrivileges/ hd -----BEGIN PGP SIGNATURE----- iF0EAREKAB0WIQQVaq6YuR8BFP6IK9jEWZOG/u2r7gUCWkYPkAAKCRDEWZOG/u2r 7rs6AJ0as5yPcupSICpMyNtoq+XMNaIHOACfaZiAZDGBzxOEfeVcwL0nZVpsdM0= =gYc6 -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Gain Access to SSH Group via ssh-agent and OpenSSL halfdog (Jan 02)