Date: Thu, 12 Jul 2001 13:29:53 -0400 From: Gabriel Rocha <grocha@geeksimplex.org> To: security@FreeBSD.ORG Subject: Re: FreeBSD 4.3 local root Message-ID: <20010712132953.C1020@geeksimplex.org> In-Reply-To: <001f01c10af7$9b42f120$97625c42@alexus>
next in thread | previous in thread | raw e-mail | index | archive | help
couple of points: 1-It does not work for me; FreeBSD lorax.neutraldomain.org 4.3-RELEASE FreeBSD 4.3-RELEASE #0: Sat Jun 23 01:52:58 PDT 2001 root@lorax.neutraldomain.org:/usr/src/sys/compile/lorax i386 2-At first I tried it with /tmp mounted no-exec (thats what i have in fstab) I thought that was why the exploit didnt work, remounted /tmp without the no-exec flag and tried again. It still does not work, it hangs for hours on end, this last iteration has been running for a couple days now and nothing has come of it. Ideas on why it doesnt work? --gabe ,----[ On Thu, Jul 12, at 01:25PM, alexus wrote: ]-------------- | is there any fix for that? | | > > about how long does the exploit run before giving you a root shell? | > | > Immediately. Shellcode calls /tmp/sh, not /bin/sh, so copy it to /tmp. `----[ End Quote ]--------------------------- -- "It's not brave if you're not scared." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010712132953.C1020>