FreeBSD telnetd privilege escalation
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
FreeBSD telnetd privilege escalation
updated since 16.02.2009
Published:
17.02.2009
Source:
FULL-DISCLOSURE
SecurityVulns ID:
9680
Type:
remote
Level:
9
/10
Description:
LD_xxx environment variable are not cleared on 'login' execution, makeing it's possible to execute code witi root privileges. For remote exploitation it's required to have ability to upload the file to remote system (via FTP, Web, etc).
Affected:
FREEBSD
:
FreeBSD 7.0
FREEBSD
:
FreeBSD 7.1
Original document
FREEBSD
,
FreeBSD Security Advisory FreeBSD-SA-09:05.telnetd
(
17.02.2009
)
Kingcope Kingcope
,
[Full-disclosure] FreeBSD zeroday
(
16.02.2009
)
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
