Re: iDefense Security Advisory 10.11.06: Sun Microsystems Solaris NSPR Library Arbitrary File Creation Vulnerability

On Wed, 11 Oct 2006, iDefense Labs wrote: III. ANALYSIS Exploitation allows local attackers to elevate privileges to root. http://www.0xdeadbeef.info/exploits/raptor_libnspr Oldschool style;) I'll probably code a universal exploit using /etc/ld.so.preload on next week... But now the

iDefense Security Advisory 10.11.06: Sun Microsystems Solaris NSPR Library Arbitrary File Creation Vulnerability

Sun Microsystems Solaris NSPR Library Arbitrary File Creation Vulnerability iDefense Security Advisory 10.11.06 http://www.idefense.com/intelligence/vulnerabilities/ Oct 11, 2006 I. BACKGROUND The Netscape Portable Runtime (NSPR) API allows compliant applications to use system facilities such