I guess this is time for half-baked ASLR in xnu... On Tue, Mar 24, 2009 at 7:46 AM, <[email protected]> wrote:
> thanks to the person who bothered to let me know the links were *slighty* > wrong, that is what you get trying to stay awake to beat jet-lag... > > Quoting [email protected]: > > > All - the following are the exploits from the recent demonstrations at > > > > Apple Mac OSX >= 10.4.0 local kernel root > > > > http://www.digit-labs.org/files/exploits/xnu-hfs-fcntl-v2.c > http://www.digit-labs.org/files/exploits/xnu-hfs-fcntl-v2.sh > > > > > FreeBSD >= 7.0 ktimer local kernel root > > (http://security.freebsd.org/advisories/FreeBSD-SA-09:06.ktimer.asc) > > > > http://www.digit-labs.org/files/exploits/bsd-ktimer.c > > > > other random stuff.. > > > > http://www.digit-labs.org/files/exploits/xnu-macfsstat-leak.c > > http://www.digit-labs.org/files/exploits/xnu-profil-leak.c > > http://www.digit-labs.org/files/exploits/xnu-appletalk-zip.c > > > > all the above are old now, but still exist today... > > > > christer/mu-b > > -- > > mu-b > > ([email protected]) > > > > "Only a few people will follow the proof. Whoever does will > > spend the rest of his life convincing people it is correct." > > - Anonymous, "P ?= NP" > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- Rubén Camarero CCNA, CISSP
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
