> Failed on Ubuntu 10.10 (2.6.35-23-generic) > > t...@bifrost:/tmp$ uname -a > Linux bifrost 2.6.35-23-generic #41-Ubuntu SMP Wed Nov 24 11:55:36 UTC > 2010 x86_64 GNU/Linux > > t...@bifrost:/tmp$ ./a.out > [*] Resolving kernel addresses... > [+] Resolved econet_ioctl to 0xffffffffa03d9610 > [+] Resolved econet_ops to 0xffffffffa03d9720 > [+] Resolved commit_creds to 0xffffffff810863c0 > [+] Resolved prepare_kernel_cred to 0xffffffff81086890 > [*] Calculating target... > [*] Triggering payload... > [*] Exploit failed to get root. > > > > 2010/12/7 coderman <coder...@gmail.com>: >> On Tue, Dec 7, 2010 at 12:25 PM, Dan Rosenberg >> <dan.j.rosenb...@gmail.com> wrote: >>> ... I've included here a proof-of-concept local privilege escalation >>> exploit... >>> * This exploit leverages three vulnerabilities to get root, all of >>> which were >>> * discovered by Nelson Elhage: >>>... >>> * However, the important issue, CVE-2010-4258, affects everyone, and >>> it would >>> * be trivial to find an unpatched DoS under KERNEL_DS and write a >>> slightly >>> * more sophisticated version of this... >> >> nice :) >> >> clearly demonstrates why risk is complicated and seemingly minor >> defects (worth delaying patches for weeks/months? ;) can combine into >> truly ugly vulnerabilities... >>
Failed also as expected on my custom 2.6.32.25-grsec #3 SMP x86_64 GNU/Linux . Nice found anyway while we are waiting for other versions :) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
