Professional Webmasters Community

FreeBSD 7.2 local root vulnerability (0day) demo


Post  andry Fri Oct 29, 2010 7:18 am

Exploit still not released; anyway, take a look at this video demonstration.

Another race condition leading to a NULL pointer dereference. Please note: this is a completely different vulnerability than the 6.4 one. It affects 7.x up to 7.2 and 6.x up to 6.4. It's going to be handled by the security team soon.

Video Demo: http://www.vimeo.com/6580991

Update:

There are no workarounds for any of these bugs.
I have written exploit code for all of the above, but it is private, and I won't give it to the blackhat community. Exploits will be published at least a week after the official security advisory.

The last thing to mention: I received a lot of criticism after the article in The Register. Please read some facts. I sent a few mails: on 29th Aug to the security team, and on 2nd Sep and 11th Sep directly to the security officer. None of them were answered until 14th September, when the article was out. I haven't published anything more than a video, as it would have made it easier to independently develop a working exploit. I believe that this is the only responsible way to handle such a security threat. Thanks to The Reg article, system administrators are now aware of the threat and can take some countermeasures, like disabling untrusted user accounts, before an official patch is available.