[EMAIL PROTECTED]:~/security$ ./elflbl
[+] SLAB cleanup
child 1 VMAs 64801
[+] moved stack bfffe000, task_size=0xc0000000, map_base=0xbf800000
[+] vmalloc area 0xd4000000 - 0xe7ff1000
[-] FAILED: open lib (/dev/shm/_elf_lib not writable?) (Permission denied)
Killed
[EMAIL PROTECTED]:~/security$ su -
tuxsystem:~# mount -t tmpfs tmpfs /dev/shm
after:
[EMAIL PROTECTED]:~/security$ ./elflbl
[+] SLAB cleanup
child 1 VMAs 605
[+] moved stack bfffe000, task_size=0xc0000000, map_base=0xbf800000
[+] vmalloc area 0xd4000000 - 0xe7ff1000
Wait... \
[-] FAILED: try again (-f switch) and again (Cannot allocate memory)
Killed
system: Debian Woody
Linux version 2.4.28 ([EMAIL PROTECTED]) (gcc version 2.95.4 20011002
(Debian prerelease)) #2 Fri Nov 19 12:27:33 CLST 2004
Saludos!
On Mon, 10 Jan 2005 15:37:52 +0100, Vladislav Kurz
<[EMAIL PROTECTED]> wrote:
> On Monday 10 of January 2005 15:29, Jacques Lav!gnotte wrote:
> > On Mon, 10 Jan 2005 15:19:33 +0100
> >
> > Vladislav Kurz <[EMAIL PROTECTED]> wrote:
> > > mount -t tmpfs tmpfs /dev/shm
> >
> > Only root can do that.
>
> But it can be already mounted, and the exploit can be modified to use any
> writeable directory instead.
>
> >
> > Jacques
>
> --
> Regards
> Vladislav Kurz
>
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
>
>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
