Re: ** FreeBSD local r00t zeroday

[David Berard <contact () davidberard fr>]

> 7.0 not vuln.

7.0 vulnerable here,

$ ./env 
/libexec/ld-elf.so.1: environment corrupt; missing value for 
/libexec/ld-elf.so.1: environment corrupt; missing value for 
/libexec/ld-elf.so.1: environment corrupt; missing value for 
/libexec/ld-elf.so.1: environment corrupt; missing value for 
/libexec/ld-elf.so.1: environment corrupt; missing value for 
ALEX-ALEX
# uname -r
7.0-RELEASE-p3

> On Mon, Nov 30, 2009 at 10:49 PM, Ed Carp <erc at pobox.com> wrote:
>
> > On 11/30/09, Kingcope <kcope2 at googlemail.com> wrote:
> >
> > > Systems tested/affected
> > > **********************************
> > > FreeBSD 8.0-RELEASE *** VULNERABLE
> > > FreeBSD 7.1-RELEASE *** VULNERABLE
> > > FreeBSD 6.3-RELEASE *** NOT VULN
> > > FreeBSD 4.9-RELEASE *** NOT VULN
> >
> > Glad I still run 6.3!  How about 6.4?
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/

> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

--
David BERARD
-------------------------------------------------
contact(at)davidberard.fr
GPG|PGP KeyId 0xC8533354
GPG|PGP Key http://davidberard.fr/C8533354.gpgkey
-------------------------------------------------
*          No electrons were harmed in          *
*         the transmission of this email        *

Attachment: PGP.sig
Description: This is a digitally signed message part

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/