Security-Alerts mailing list archive (security-alerts@yandex-team.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [security-alerts] Fwd: [Full-disclosure] FreeBSD 7/6x protosw kernel exploit
Dear Vladimir '3APA3A' Dubrovin,
Аттачмент потерялся. Тут все:
http://securityvulns.ru/news/FreeBSD/protosw.html
--Friday, December 26, 2008, 11:33:22 AM, you wrote to
security-alerts@xxxxxxxxxxxxxx:
V3D> Локальный, но все равно интересно.
V3D> --This is a forwarded message
V3D> From: don bailey <don.bailey@xxxxxxxxx>
V3D> To: dailydave@xxxxxxxxxxxxxxxxxxxxx
V3D> <dailydave@xxxxxxxxxxxxxxxxxxxxx>
V3D> Date: Friday, December 26, 2008, 11:28:32 AM
V3D> Subject: [Full-disclosure] FreeBSD 7/6x protosw kernel exploit
V3D> ===8<==============Original message text===============
V3D> -----BEGIN PGP SIGNED MESSAGE-----
V3D> Hash: SHA1
>> uname -rs
V3D> FreeBSD 7.0-RELEASE
>> id
V3D> uid=1001(donb) gid=1001(donb) groups=1001(donb),0(wheel)
>> grep ^root /etc/master.passwd
V3D> grep: /etc/master.passwd: Permission denied
>> nm /boot/kernel/kernel | grep allproc
V3D> c0bf26b8 B allproc
V3D> c0bf2670 B allproc_lock
>> cc -o x x.c
>> ./x 0xc0bf26b8
V3D> euid=0
>> id
V3D> uid=1001(donb) gid=1001(donb) euid=0(root) groups=1001(donb),0(wheel)
>> grep ^root /etc/master.passwd
V3D> root:$1$fuS6o3Qy$iFlUEpD9Y3ph7rOzMU/br1:0:0::0:0:Charlie &:/root:/bin/csh
>>
V3D> Happy holidays, all!
V3D> D
V3D> -----BEGIN PGP SIGNATURE-----
V3D> Version: GnuPG v2.0.9 (GNU/Linux)
V3D> iEYEARECAAYFAklUla4ACgkQttfe3HwtctN/fgCeJDmmpOK8bn1dnssxOkTZXdUg
V3D> idUAmwdyoMZnoEfnrR14TQlRDli9mv+j
V3D> =Pixh
V3D> -----END PGP SIGNATURE-----
V3D> ===8<===========End of original message text===========
--
~/ZARAZA http://securityvulns.com/
Ну а в целом, Уильям, здешний климат - ежели только
это можно назвать климатом, вполне сносный. (Твен)
|
