[prev in list] [next in list] [prev in thread] [next in thread]
List: pen-test
Subject: Re: Linux NULL pointer dereference
From: arpunk <arpunk () cyberdelic ! org>
Date: 2009-08-23 3:01:12
Message-ID: a31a214f0908222001v7e73bbd4s331e09b88e32cb93 () mail ! gmail ! com
[Download RAW message or body]
On Wed, Aug 19, 2009 at 7:42 AM, Camilo Uribe<camilo.uribe@gmail.com> wrote:
> On Mon, Aug 17, 2009 at 2:06 PM, Ben Greenfield<bcg@struxural.com> wrote:
> > > Now, back to some real pen-test stuff.... Anyone had a chance to leverage
> > > the recent Linux NULL pointer dereference bug in proto_ops in an engagement?
> >
> > I have not yet had the chance to use this in an engagement, but I feel
> > like this is one that's going to be around for a _long time_ because
> > of how many different versions are affected.
> >
> > Also, I've done some testing with this vulnerability, and haven't been
> > able to get it working against Ubuntu Jaunty 9.04 on an AMD64. My
> > understanding is that all architectures are vulnerable... has anyone
> > had any success against AMD64 with this?
> >
> > On all the x86 platforms I've tested it against (Ubuntu 8.04 LTS x86,
> > Debian 5 x86, Xen virtualized 2.6 linux x86) it worked as expected and
> > resulted in local privilege escalation to root.
>
> The USN(Ubuntu Security Notice) http://www.ubuntu.com/usn/usn-819-1
> says: "By default, Ubuntu 8.04 and later with a non-zero
> /proc/sys/vm/mmap_min_addr setting were not vulnerable"
Funny... we just owned one in Casa del Bosque today ;)
--
No matter where you go, everyone's connected.
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a \
proper penetration test. IACRB CPT and CEPT certs require a full practical \
examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic