raptor's xmas pack 2004

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: raptor's xmas pack 2004
From: Marco Ivaldi <raptor@xxxxxxxxxxxxxxx>
Date: Wed, 22 Dec 2004 21:53:31 +0100 (CET)
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Hello bugtraq,

For this xmas i'm releasing some of the exploits i've developed in the
last months. Nothing so fancy, but i believe i've deployed some
new/interesting techniques, specially on the Solaris/SPARC platform.

Here's the index:

raptor_chown.c          local on Linux 2.6.x < 2.6.7-rc3 (CAN-2004-0497)
raptor_udf.c            MySQL privilege escalation procedure (code by NGS)
raptor_rlogin.c         remote on Solaris 2.5.1, 2.6, 7, 8 (CVE-2001-0797)
raptor_ldpreload.c      local on Solaris 2.6, 7, 8, 9 (CAN-2003-0609)
raptor_libdthelp.c      local on Solaris 7, 8, 9 (CAN-2003-0834)
raptor_libdthelp2.c     same as above, ret-into-ld.so version
raptor_passwd.c         local on Solaris 8, 9 (CAN-2004-0360)

All the exploits are in the attached tarball. They are also freely
downloadable from my homepage, at:

http://www.0xdeadbeef.info/

Merry xmas and happy hacking ;)

-- 
Marco Ivaldi
Antifork Research, Inc.   http://0xdeadbeef.info/
3B05 C9C5 A2DE C3D7 4233  0394 EF85 2008 DBFD B707

Attachment: raptor_xmas04.tgz
Description: Binary data

Prev by Date: Re: Webmin BruteForce + Command execution - By Di42lo <DiAblo_2@xxxxxxxxxx>
Next by Date: [SECURITY] [DSA 618-1] New imlib packages fix arbitrary code execution
Previous by thread: [Security Bulletin] SSRT4696 rev.0 - HP Tru64 UNIX TCP Stack Remote Denial of Service (DoS)
Next by thread: [SECURITY] [DSA 618-1] New imlib packages fix arbitrary code execution
Index(es):
- Date
- Thread