Date: Sat, 31 Jul 2010 14:11:37 +0100 From: =?UTF-8?Q?Istv=C3=A1n?= <leccine@gmail.com> To: Kostik Belousov <kostikbel@gmail.com> Cc: freebsd-security <freebsd-security@freebsd.org>, Selphie Keller <selphie.keller@gmail.com> Subject: Re: kernel module for chmod restrictions while in securelevel one or higher Message-ID: <AANLkTinp0Qw-q=05=fhSDQyjkpVWH2zdRhCpCNpUf=4p@mail.gmail.com> In-Reply-To: <20100731130410.GO22295@deviant.kiev.zoral.com.ua> References: <235BB726E71747BA980A0EF60F76ED37@2WIRE304> <20100731124136.GN22295@deviant.kiev.zoral.com.ua> <AANLkTi=6e1ZkCEYEJS%2B74DHK8QxfaFjYHDP8JJoJE4n-@mail.gmail.com> <20100731130410.GO22295@deviant.kiev.zoral.com.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
sorry my bad On Sat, Jul 31, 2010 at 2:04 PM, Kostik Belousov <kostikbel@gmail.com>wrote: > On Sat, Jul 31, 2010 at 01:59:43PM +0100, Istv??n wrote: > > http://www.securiteam.com/exploits/6P00C00EKO.html > This is an exploit for the archaic SA-05:02.sendfile. Op (semi-)obviously > means exploit for the recent SA-10:07.mbuf, for which I am very > curious whether the working exploit appeared in the wild. > > > > > On Sat, Jul 31, 2010 at 1:41 PM, Kostik Belousov <kostikbel@gmail.com > >wrote: > > > > > On Fri, Jul 30, 2010 at 11:18:39PM -0700, Selphie Keller wrote: > > > > Kernel module for chmod restrictions while in securelevel one or > higher: > > > > http://gist.github.com/501800 (fbsd 8.x) > > > > > > > > Was looking at the new recent sendfile/mbuf exploit and it was using > a > > > > shellcode that calls chmod syscall to make a setuid/setgid binary. > > > However > > > Can you point to the exploit (code) ? > > > > > > > > > > > -- > > the sun shines for all > > > > http://l1xl1x.blogspot.com > -- the sun shines for all http://l1xl1x.blogspot.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTinp0Qw-q=05=fhSDQyjkpVWH2zdRhCpCNpUf=4p>