For sale: Remote execution exploit
-
Some part of me thinks that this might be a Good Idea (tm), but I can't help but thinking that it's just an attempt to exploit... Exploits.
-
@Sunstorm said:
Some part of me thinks that this might be a Good Idea (tm), but I can't help but thinking that it's just an attempt to exploit... Exploits.
Wooty, local linux kernel leak... on version 2.6.0 to 2.6.20.1. And thus they found something that has been fixed already.
Newsflash: memory leak found in 2.4.18 kernel. Just keep opening and closing a serial device and you'll run out of kernel memory eventualy. (Running an ancient kernel is not always fun)
-
@Sunstorm said:
Some part of me thinks that this might be a Good Idea (tm), but I can't help but thinking that it's just an attempt to exploit... Exploits.
Or get them for free from milw0rm :-)
-
@DaveK said:
@Sunstorm said:
Some part of me thinks that this might be a Good Idea (tm), but I can't help but thinking that it's just an attempt to exploit... Exploits.
Or get them for free from milw0rm :-)
Exactly what I was going to say... They're basically selling exploits that are freely available (and usually initially announced) on mailing lists like Bugtraq, as well as several sites (such as Milw0rm)...
-
@Daniel15 said:
@DaveK said:
@Sunstorm said:
Some part of me thinks that this might be a Good Idea (tm), but I can't help but thinking that it's just an attempt to exploit... Exploits.
Or get them for free from milw0rm :-)
Exactly what I was going to say... They're basically selling exploits that are freely available (and usually initially announced) on mailing lists like Bugtraq, as well as several sites (such as Milw0rm)...Actually I don't think they are... from what I saw, they announced they had these sploits for sale, then over the next few days people managed to reproduce them based on the limited descriptions they gave. See, e.g. the thread "SquirrelMail GPG Plugin vuln" on the DailyDave list.