Hi, On Sat, Aug 15, 2009 at 11:04 AM, Bharathi Subramanian < [email protected]> wrote:
> >The bug involves the way kernel-level routines such as sock_sendpage > >react when they are left unimplemented. Instead of linking to a > >corresponding placeholder, (for ex, sock_no_accept), the function > >pointer is left uninitialized. Sock_sendpage doesn't always validate > >the pointer before dereferencing it, leaving the OS open to local > >privilege escalation that can completely compromise the underlying > >machine. > Here is the exploit : http://www.milw0rm.com/exploits/9436 :) -- A computer is like air conditioning: it becomes useless when you open windows. <-Fighting 4 Freedom-> _______________________________________________ To unsubscribe, email [email protected] with "unsubscribe <password> <address>" in the subject or body of the message. http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
