Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • World
  • Users
  • Groups
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (Cyborg)
  • No Skin
Collapse
Brand Logo

CIRCLE WITH A DOT
  1. Home
  2. Uncategorized
  3. Do not forget to patch your systems!

Do not forget to patch your systems!

Scheduled Pinned Locked Moved Uncategorized
5 Posts 5 Posters 0 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • lcamtuf@infosec.exchangeL This user is from outside of this forum
    lcamtuf@infosec.exchangeL This user is from outside of this forum
    lcamtuf@infosec.exchange
    wrote last edited by
    #1

    Do not forget to patch your systems!

    Link Preview Image
    faraiwe@mstdn.socialF iagox86@infosec.exchangeI fritzadalis@infosec.exchangeF rst@mastodon.socialR 4 Replies Last reply
    1
    0
    • lcamtuf@infosec.exchangeL lcamtuf@infosec.exchange

      Do not forget to patch your systems!

      Link Preview Image
      faraiwe@mstdn.socialF This user is from outside of this forum
      faraiwe@mstdn.socialF This user is from outside of this forum
      faraiwe@mstdn.social
      wrote last edited by
      #2

      @lcamtuf roflmao

      1 Reply Last reply
      0
      • lcamtuf@infosec.exchangeL lcamtuf@infosec.exchange

        Do not forget to patch your systems!

        Link Preview Image
        iagox86@infosec.exchangeI This user is from outside of this forum
        iagox86@infosec.exchangeI This user is from outside of this forum
        iagox86@infosec.exchange
        wrote last edited by
        #3

        @lcamtuf Anyone got pdp-11 shellcode handy? Is the stack +x??

        1 Reply Last reply
        0
        • lcamtuf@infosec.exchangeL lcamtuf@infosec.exchange

          Do not forget to patch your systems!

          Link Preview Image
          fritzadalis@infosec.exchangeF This user is from outside of this forum
          fritzadalis@infosec.exchangeF This user is from outside of this forum
          fritzadalis@infosec.exchange
          wrote last edited by
          #4

          @lcamtuf
          CVE-1973-1

          1 Reply Last reply
          1
          0
          • R relay@relay.infosec.exchange shared this topic
          • lcamtuf@infosec.exchangeL lcamtuf@infosec.exchange

            Do not forget to patch your systems!

            Link Preview Image
            rst@mastodon.socialR This user is from outside of this forum
            rst@mastodon.socialR This user is from outside of this forum
            rst@mastodon.social
            wrote last edited by
            #5

            @lcamtuf This code has a lot of problems. Like the race vuln in /bin/mkdir.

            In pdp-11 Unix, mkdir was a suid-root program that did a mknod to create the directory, and then a chown to change its ownership to other-than-root. But something else could rename the directory after the mknod, and replace it with a link to, e.g., /etc/passwd, which would then get chowned.

            On later versions with ^Z job control, a ^Z on mkdir had good odds of catching it between the two syscalls; no code required.

            1 Reply Last reply
            0
            • R relay@relay.an.exchange shared this topic
            Reply
            • Reply as topic
            Log in to reply
            • Oldest to Newest
            • Newest to Oldest
            • Most Votes

            • Login
            • Login or register to search.
            • First post
              Last post
            0
            • Categories
            • Recent
            • Tags
            • Popular
            • World
            • Users
            • Groups