Full Disclosure mailing list archives
Re: Linux kernel exploit
From: Benji <me () b3nji com>
Date: Mon, 13 Dec 2010 21:16:19 +0000
wait wait wait. you dont have time to read header notes, but do have time to run code you dont really know what it does on your system? can I send you some code? it's a linux 2.6.* 0day, remote root. On Mon, Dec 13, 2010 at 9:14 PM, Cal Leeming [Simplicity Media Ltd] < cal.leeming () simplicitymedialtd co uk> wrote:
Sorry Dan, I did a very quick copy and paste job, without reading the headers. I simply don't have time to read the code notes of every single exploit released. I would say that, if you are fed up with being inundated with emails, then perhaps you should mark these notes very clearly in big red writing at the top of the email like this, for those people who don't have much time to read these notes ;) On Mon, Dec 13, 2010 at 9:08 PM, <dan.j.rosenberg () gmail com> wrote:Please don't inundate me with e-mail because none of you bothered to read the exploit header. The exploit so far has a 100% success rate on the systems it was designed to work on. I don't think this is rocket science. If your distribution does not compile Econet, then the exploit obviously won't be able to open an Econet socket. This includes Arch Linux, Gentoo, Fedora, Red Hat, CentOS, Slackware, and more. This doesn't mean you're not vulnerable, it just means this particular exploit won't work. If your distro doesn't export the relevant symbols (Debian), ditto above. If your distro has patched the Econet vulnerabilities I used to trigger this (Ubuntu), ditto above. This was done on purpose, to avoid giving a weaponized exploit to people who shouldn't have one. -Dan Sent from my Verizon Wireless BlackBerry -----Original Message----- From: "Cal Leeming [Simplicity Media Ltd]" <cal.leeming () simplicitymedialtd co uk> Sender: full-disclosure-bounces () lists grok org uk Date: Mon, 13 Dec 2010 20:40:45 To: Ariel Biener<ariel () post tau ac il> Cc: <leandro_lista () portari com br>; <firebits () backtrack com br>; < bugtraq () securityfocus com>; <full-disclosure () lists grok org uk> Subject: Re: [Full-disclosure] Linux kernel exploit _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-- Cal Leeming Operational Security & Support Team *Out of Hours: *+44 (07534) 971120 | *Support Tickets: * support () simplicitymedialtd co uk *Fax: *+44 (02476) 578987 | *Email: *cal.leeming () simplicitymedialtd co uk *IM: *AIM / ICQ / MSN / Skype (available upon request) Simplicity Media Ltd. All rights reserved. Registered company number 7143564 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Linux kernel exploit, (continued)
- Re: Linux kernel exploit niklas | brueckenschlaeger (Dec 08)
- Re: Linux kernel exploit Francisco J (Dec 13)
- Re: Linux kernel exploit R0me0 *** (Dec 13)
- Re: Linux kernel exploit firebits (Dec 13)
- Re: Linux kernel exploit Benji (Dec 13)
- Re: Linux kernel exploit Ariel Biener (Dec 13)
- Re: Linux kernel exploit Cal Leeming [Simplicity Media Ltd] (Dec 13)
- Re: Linux kernel exploit coderman (Dec 13)
- Re: Linux kernel exploit dan . j . rosenberg (Dec 13)
- Re: Linux kernel exploit Cal Leeming [Simplicity Media Ltd] (Dec 13)
- Re: Linux kernel exploit Benji (Dec 13)
- Re: Linux kernel exploit Cal Leeming [Simplicity Media Ltd] (Dec 13)
- Re: Linux kernel exploit Benji (Dec 13)
- Re: Linux kernel exploit Cal Leeming [Simplicity Media Ltd] (Dec 13)
- Re: Linux kernel exploit Eyeballing Weev (Dec 13)
- Re: Linux kernel exploit Cal Leeming [Simplicity Media Ltd] (Dec 13)
- Re: Linux kernel exploit Benji (Dec 13)
- Re: Linux kernel exploit Ariel Biener (Dec 14)