[CentOS] Serious attack vector on pkcheck ignored by Red Hat
John R Pierce
pierce at hogranch.comThu Feb 9 21:16:30 UTC 2017
- Previous message: [CentOS] Serious attack vector on pkcheck ignored by Red Hat
- Next message: [CentOS] Serious attack vector on pkcheck ignored by Red Hat
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 2/9/2017 1:03 PM, Leonard den Ottolander wrote: > Not necessarily. Suppose the adversary is aware of a root > exploit/privilege escalation in a random library. Then the heap spraying > allows this attacker to easily trigger this exploit because he is able > to initialize the entire contents of the heap to his liking and thus > call whatever function he likes, including the one that will cause the > root exploit. if the adversary is aware of this exploit and has a login (required to invoke pkexec in the first place), they can simply execute a C program to invoke it, they don't need to mess about with what you're describing. -- john r pierce, recycling bits in santa cruz
- Previous message: [CentOS] Serious attack vector on pkcheck ignored by Red Hat
- Next message: [CentOS] Serious attack vector on pkcheck ignored by Red Hat
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list