There is a new local root bug in FreeBSD.This bug discovered & exploited by Nikolaos Rangos also known as KingcopeThere is an unbelievable simple local r00t bug in recent FreeBSD versions.
The bug resides in the Run-Time Link-Editor (rtld).
Normally rtld does not allow dangerous environment variables like
LD_PRELOAD
to be set when executing setugid binaries like "ping" or "su".
With a rather simple technique rtld can be tricked into
accepting LD variables even on setugid binaries.
Please read this advisory for more details:
http://securityreason.com/securityalert/6799
Friday, December 04, 2009
Subscribe to:
Post Comments (Atom)
Posts
1 comment:
Salam bro izhar.. benda yang sama juga berlaku dengan menggunakan "man" pada macOSx.. Aku penah jumpa ko kat nasik kandar penang ngan iwan haritu.. kenal tak?
Post a Comment