it's worked on 2.6.35.7, nice exploit On Wed, Dec 8, 2010 at 6:09 AM, Rem7ter <[email protected]> wrote:
> Why gcc exp.c -o exp alert "Error: too many Argument"? I test it in Linux > 2.6.X. > > 2010/12/7 coderman <[email protected]> > > On Tue, Dec 7, 2010 at 12:25 PM, Dan Rosenberg >> <[email protected]> wrote: >> > ... I've included here a proof-of-concept local privilege escalation >> exploit... >> > * This exploit leverages three vulnerabilities to get root, all of >> which were >> > * discovered by Nelson Elhage: >> >... >> > * However, the important issue, CVE-2010-4258, affects everyone, and it >> would >> > * be trivial to find an unpatched DoS under KERNEL_DS and write a >> slightly >> > * more sophisticated version of this... >> >> nice :) >> >> clearly demonstrates why risk is complicated and seemingly minor >> defects (worth delaying patches for weeks/months? ;) can combine into >> truly ugly vulnerabilities... >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- Ali MEZGANI Network Engineering/Security http://securfox.wordpress.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
