GNU libc 2.12.1 LD_AUDIT libpcprofile.so Local Root

!/bin/sh Exploit Title: GNU libc /tmp/libxpl.c /dev/null cat /tmp/libxpl.so /lib/libxpl.so rm -rf /tmp/libxpl.c /tmp/libxpl.so LDAUDIT="libxpl.so" ping...

glibc LD_AUDIT arbitrary DSO load Privilege Escalation

No description provided by source. !/bin/sh I Can't Read and I Won't Race You Either by zx2c4 This is an exploit for CVE-2010-3856. A while back, Tavis showed us three ways to exploit flaws in glibc's dynamic linker involving LDAUDIT. 1 2 The first way involved opening a file descriptor and using...

CVE-2010-3856

ld.so in the GNU C Library aka glibc or libc6 before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LDAUDIT environment variable to reference dynamic shared objects DSOs as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a...

GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load Privilege Escalation

Source: http://marc.info/?l=full-disclosure&m=128776663124692&w=2 The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads ------------------------------------------------------------------------------- Cześć, This advisory describes CVE-2010-3856, an addendum to...