Vulnerability Development mailing list archives
Re: Local root through vulnerability in ping on linux.
From: mmurray () TAOS COM
Date: Mon, 21 Aug 2000 04:39:46 -0700
Hey all... I discovered this issue a while ago; IIRC, the ping program in RHL segfaults at a certain number of bytes (256 over maximum ping length?). However, this is NOT EXPLOITABLE, as far as I could tell; ping is not suid, and this segfault requires root priveledges to attain (due to the necessity of a raw socket). This is not standard linux; this is in the redhat version of ping only. That's why debian, slackware, etc. aren't affected... Mike ___________________________________________________________ Mike Murray mmurray () taos com System and Network Administrator Taos -- The Sys Admin Company San Francisco, CA Phone:415-469-0297 Pager: 415-253-2786 ___________________________________________________________
Current thread:
- Re: Local root through vulnerability in ping on linux., (continued)
- Re: Local root through vulnerability in ping on linux. Daniel Jacobowitz (Aug 21)
- Re: Local root through vulnerability in ping on linux. Bluefish (P.Magnusson) (Aug 22)
- Re: Local root through vulnerability in ping on linux. Hue-Bond (Aug 21)
- Re: Local root through vulnerability in ping on linux. Ronald Huizer (Aug 22)
- Re: Local root through vulnerability in ping on linux. geoff (Aug 22)
- Re: Local root through vulnerability in ping on linux. Bluefish (P.Magnusson) (Aug 22)
- Re: Local root through vulnerability in ping on linux. Michal Zalewski (Aug 22)
- Re: Local root through vulnerability in ping on linux. Matt Wilson (Aug 23)
- Re: Local root through vulnerability in ping on linux. mmurray (Aug 21)
- Re: Local root through vulnerability in ping on linux. Bluefish (P.Magnusson) (Aug 22)
- Re: Local root through vulnerability in ping on linux. Daniel Roesen (Aug 22)