Vulnerability Development mailing list archives
Re: Local root through vulnerability in ping on linux.
From: "Bluefish (P.Magnusson)" <11a () GMX NET>
Date: Tue, 22 Aug 2000 15:51:38 +0200
However, this is NOT EXPLOITABLE, as far as I could tell; ping is not suid, and this segfault requires root priveledges to attain (due to the necessity of a raw socket).
[root@blue bluefish]# ls -l `which ping` -rwsr-xr-x 1 root root 14804 Apr 7 1999 /bin/ping Nope, suid by default on rh. Unless my cute rh box is backdoored, but I doubt it. ..:::::::::::::::::::::::::::::::::::::::::::::::::.. http://www.11a.nu || http://bluefish.11a.nu eleventh alliance development & security team
Current thread:
- Re: Local root through vulnerability in ping on linux., (continued)
- Re: Local root through vulnerability in ping on linux. Bluefish (P.Magnusson) (Aug 22)
- Re: Local root through vulnerability in ping on linux. Hue-Bond (Aug 21)
- Re: Local root through vulnerability in ping on linux. Ronald Huizer (Aug 22)
- Re: Local root through vulnerability in ping on linux. geoff (Aug 22)
- Re: Local root through vulnerability in ping on linux. Bluefish (P.Magnusson) (Aug 22)
- Re: Local root through vulnerability in ping on linux. Michal Zalewski (Aug 22)
- Re: Local root through vulnerability in ping on linux. Matt Wilson (Aug 23)
- Re: Local root through vulnerability in ping on linux. mmurray (Aug 21)
- Re: Local root through vulnerability in ping on linux. Bluefish (P.Magnusson) (Aug 22)
- Re: Local root through vulnerability in ping on linux. Daniel Roesen (Aug 22)