Full Disclosure mailing list archives

Re: vsFTPd remote code execution

From: Dan Rosenberg <dan.j.rosenberg () gmail com>
Date: Tue, 13 Dec 2011 14:56:38 -0500

Anyone with an up2date linux local root which only makes use of syscalls? :>


This is all fun stuff, and definitely worth looking into further, but
if you've got a local kernel exploit that you can trigger from inside
vsftpd, you don't need this (potential) vulnerability in vsftpd - you
already win.

-Dan

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

vsFTPd remote code execution HI-TECH . (Dec 13)
- Re: vsFTPd remote code execution Dan Rosenberg (Dec 13)
  - Re: vsFTPd remote code execution HI-TECH . (Dec 13)
    - Re: vsFTPd remote code execution Dan Rosenberg (Dec 13)
    - Re: vsFTPd remote code execution HI-TECH . (Dec 13)
    - Re: vsFTPd remote code execution Chris Evans (Dec 13)
    - Re: vsFTPd remote code execution HI-TECH . (Dec 15)
    - Re: vsFTPd remote code execution xD 0x41 (Dec 15)
    - Re: vsFTPd remote code execution Chris Evans (Dec 17)
- Re: vsFTPd remote code execution Ramon de C Valle (Dec 13)
  - Re: vsFTPd remote code execution HI-TECH . (Dec 13)
- Re: vsFTPd remote code execution Rodrigo Rubira Branco (BSDaemon) (Dec 16)