/>
X

Exploit published for FreeBSD local root vulnerability

The FreeBSD security team has rushed out a temporary patch to cover a local root vulnerability that exposes users to code execution attacks.
ryan-naraine.jpg
Written by Ryan Naraine, Contributor on

The FreeBSD security team has rushed out a temporary patch to cover a local root vulnerability that exposes users to code execution attacks. The patch follows the public release of exploit code on the Full-Disclosure mailing list.

Here's a simple explanation of the problem from "Kingcope," the hacker who released the exploit:

The bug resides in the Run-Time Link-Editor (rtld). Normally rtld does not allow dangerous environment variables like LD_PRELOAD to be set when executing setugid binaries like "ping" or "su". With a rather simple technique rtld can be tricked into accepting LD variables even on setugid binaries.

FreeBSD security officer Colin Percival confirmed the issue could allow a local user to execute arbitrary code as root.  It affects FreeBSD versions 7.1 and 8.0.

Percival said FreeBSD patch is buyer-beware because it was rushed out on short notice.

Normally it is the policy of the FreeBSD Security Team to not publicly discuss security issues until an advisory is ready, but in this case since exploit code is already widely available I want to make a patch available ASAP. Due to the short timeline, it is possible that this patch will not be the final version which is provided when an advisory is sent out; it is even possible (although highly doubtful) that this patch does not fully fix the issue or introduces new issues -- in short, use at your own risk (even more than usual).

The patch is available here.  See more from Threatpost's Dennis Fisher.

Related

This stuff is better than compressed air for cleaning your dirty tech
img-6864

This stuff is better than compressed air for cleaning your dirty tech

Office Hardware & Appliances
Are you ready for the worst Economy Class airline seats in the world?
airline-seats.jpg

Are you ready for the worst Economy Class airline seats in the world?

Business
Google looks to reduce pushback bias in developers' software code review
close up programmer man hand typing on keyboard at computer desktop for input coding language to software for fix bug and defect of system in operation room , technology concept

Google looks to reduce pushback bias in developers' software code review

Developer