On Wed, Oct 20, 2010 at 03:42:33PM +0400, Yury G. Kudryashov wrote: > Lluís Batlle i Rossell wrote: > > > On Wed, Oct 20, 2010 at 11:31:16AM +0200, Eelco Dolstra wrote: > >> Can you elaborate on this Glibc bug? > > > >>From what we talked on irc, I imagine Michael talks about this: > > http://www.exploit-db.com/exploits/15274/ > Had anyone reproduced this bug? I haven't, though I haven't tried with > stdenv-updates. So, I tried in trunk and stdenv-updates. In both I get the following assetion failed in ld: Inconsistency detected by ld.so: dl-open.c: 232: dl_open_worker: Assertion `(call_map)->l_name[0] == '\0'' failed!
I tried also with the payload calling a static 'sh' (with 'execl()'). I got the same message. I have not tried the other procedures described in the NOTES. _______________________________________________ nix-dev mailing list [email protected] https://mail.cs.uu.nl/mailman/listinfo/nix-dev
