Re: URGENT: Update to ld.so advisory

The Nolander (nolander@WEBSERVICES.SE)
Fri, 18 Jul 1997 19:00:41 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jon Lewis: "Re: [linux-security] KSR[T] Advisory #2: ld.so"
Previous message: The Nolander: "Correction to my previous message (ld.so)"
Maybe in reply to: KSR[T]: "URGENT: Update to ld.so advisory"

I looked through the source to check if there was to see if there
was any variable there that could be used to gain immediate root-access
on all Linux-systems, but found none...

Havn't found any other way to gain immediate root-access with this one,
w/o another bug being present to trash a library 'n then start a static
shell and put the lib there again...

or ofcourse, the system can have old libraries for new files... but I
guess that isn't very usual ;)

or if there's a way to use another cache-file...

Well.. If anyone have anyone has gotten another answer in their search,
then please let us (or atleast me ;)) know.. =)

Btw... While looking through the source I found an overflow for LD_PRELOAD
on the same line..... perhaps it's a remote vuln. for old dists who has
the old 'libroot' bug...

Next message: Jon Lewis: "Re: [linux-security] KSR[T] Advisory #2: ld.so"
Previous message: The Nolander: "Correction to my previous message (ld.so)"
Maybe in reply to: KSR[T]: "URGENT: Update to ld.so advisory"