Eli Kara wrote:
Does this
[EMAIL PROTECTED]:~$ ./poc /usr/bin/passwd
core dumped!
mean we are not vulnerable?
Shachar
Taken from the article:
"A proof of concept code is listed at the end of this article that just core
dumps the non-readable but executable ELF file."
Yes, you are vulnerable. Specifically, the PoC demonstrates it is possible for
an unprivileged user to read a non-readable ELF executable file. Mind you,
the PoC is a proof of only ONE of the bugs present in the ELF loader.
Hope this helps.
I didn't make it non-readable. In short, it doesn't mean anything. Oh
well....
Shachar
--
Shachar Shemesh
Lingnu Open Source Consulting ltd.
http://www.lingnu.com/
