Sniffit is a packet sniffer and monitoring tool.
The attacker can create a specially-crafted sniffit configuration file, which is able
to bypass all three protection mechanisms:
- Non-eXecutable bit NX
- Stack Smashing Protector SSP
- Address Space Layout Randomisation ASLR
And execute arbitrary code with root privileges.
Exploit, fix and discussion in:
http://hmarco.org/bugs/CVE-201
Regards,
Hector Marco.
http://hmarco.org
Cybersecurity researcher at:
http://cybersecurity.upv.es/
Komentarų nėra:
Rašyti komentarą