[Full-disclosure] Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 )

2006-07-12T00:00:00
ID SECURITYVULNS:DOC:13491
Type securityvulns
Reporter Securityvulns
Modified 2006-07-12T00:00:00

Description

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Maybe this is obvious for Paul Starzetz (as well as many other people) but full-disclosure is not really "full" without exploit code.

Working exploit attached. You can also download it from: http://www.rs-labs.com/exploitsntools/rs_prctl_kernel.c

Greetz to !dSR ppl :-)


Saludos, - -Roman

PGP Fingerprint: 09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742 [Key ID: 0xEAD56742. Available at KeyServ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (MingW32)

iD8DBQFEtD815H+KferVZ0IRAjhKAKCtHnTCwV0D/kH3dt0HItQUPZ/JegCglaQM vO8VFJyxf+EXy2buqTK4kVM= =dzRm -----END PGP SIGNATURE-----