On Thu, 2017-02-02 at 06:40 -0800, John R Pierce wrote: > On 2/2/2017 6:22 AM, Leonard den Ottolander wrote: > > However, the fact that the binary in the example is setuid is orthogonal > > to the fact that heap spraying is a very serious attack vector. > > without privilege escalation, what does it attack ? pkcheck might not be directly vulnerable. However, pkexec is. Closing these bugs because pkcheck might not be directly vulnerable also stops pkexec from being fixed. And pkexec clearly is vulnerable. Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos
Re: Serious attack vector on pkcheck ignored by Red Hat
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: Serious attack vector on pkcheck ignored by Red Hat
- From: Leonard den Ottolander <leonard@xxxxxxxxxxxxxxxxx>
- Date: Thu, 02 Feb 2017 15:51:05 +0100
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <bf79662d-62a9-fd7d-bc4d-c96340029f74@hogranch.com>
- References: <1486045336.5163.6.camel@quad> <bf79662d-62a9-fd7d-bc4d-c96340029f74@hogranch.com>
- Follow-Ups:
- Re: Serious attack vector on pkcheck ignored by Red Hat
- From: Gordon Messmer
- Re: Serious attack vector on pkcheck ignored by Red Hat
- References:
- Serious attack vector on pkcheck ignored by Red Hat
- From: Leonard den Ottolander
- Re: Serious attack vector on pkcheck ignored by Red Hat
- From: John R Pierce
- Serious attack vector on pkcheck ignored by Red Hat
- Prev by Date: Re: Serious attack vector on pkcheck ignored by Red Hat
- Next by Date: Re: Serious attack vector on pkcheck ignored by Red Hat
- Previous by thread: Re: Serious attack vector on pkcheck ignored by Red Hat
- Next by thread: Re: Serious attack vector on pkcheck ignored by Red Hat
- Index(es):
 |