Re: Local Root exploit (Fedora Core 4)

To: "Florian Strankowski (fs)" <florian.s@xxxxxxxxxxxxxxxxx>, "Bugtraq" <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: Re: Local Root exploit (Fedora Core 4)
From: Paul Starzetz <paul@xxxxxxxxxxx>
Date: Mon, 27 Jun 2005 12:43:13 +0200
In-reply-to: <000501c577bc$3d60fad0$0200a8c0@etox>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <000501c577bc$3d60fad0$0200a8c0@etox>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050511

Florian Strankowski (fs) wrote:

Local Root Exploit under Fedora Core 4 (stable) Advisory

Florian Strankowski
florian.s@xxxxxxxxxxxxxxxxx
www.bildunxxluecke.de/usr/florian/advisory/advisory-05-048.txt

Vulnerable System :

This vulnerability affects Fedora Core 4.0 (stable) with
the kernelversion 2.6.11-1.1369_FC4 #1 Thu Jun 2 22:53:35 EDT 2005
(http://fedora.redhat.com)

Vulnerability Title:

pwned.c (originally and mods of it)

You wake up pretty late - the Linux uselib() vulnerability wasoriginally published 07 Jan 2005. However to my knowledge there was anexploit code called pwned.c floating around before that date - please DONOT plagiarize and steal our spare time on bugtraq with fake advisories.

References:
- Local Root exploit (Fedora Core 4)
  - From: Florian Strankowski (fs)

Prev by Date: M4DR007-07SA (security advisory): Multiple vulnerabilities in ASP Nuke 0.80
Next by Date: [ GLSA 200506-23 ] Clam AntiVirus: Denial of Service vulnerability
Previous by thread: Re: Local Root exploit (Fedora Core 4)
Next by thread: Buffer overflow vulnerability in VERITAS Software Backup Exec Web Administration Console (BEWAC)
Index(es):
- Date
- Thread