Bugtraq mailing list archives

Re: DebPloit (exploit)

From: Florian Weimer <Weimer () CERT Uni-Stuttgart DE>
Date: Tue, 26 Mar 2002 12:50:33 +0100

For our own use, we have rewritten DPfix in Ada so that we have
complete source code for this tool.  (DPfix by Radim "EliCZ" Picha
changes the erratic ACL so that it allows access for SYSTEM only.)  As
of now, we have not encountered any side effects in our setup.

Our tool is slightly more general (you have to pass the process and
object name on the command line), and it does not require any user
interaction, so it is suitable for startup scripts.

Further information, full Ada source code, and a precompiled binary is
available at:

   http://CERT.Uni-Stuttgart.DE/people/fw/tools/chsystem/

-- 
Florian Weimer                    Weimer () CERT Uni-Stuttgart DE
University of Stuttgart           http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT                          +49-711-685-5973/fax +49-711-685-5898

Current thread:

Fwd: DebPloit (exploit) Mike Tone (Mar 14)
- Re: DebPloit (exploit) Florian Weimer (Mar 27)