martin carpenter

contents

2022/01/31
determining password dump origin using n-grams

2015/07/01
escape from ansible

2015/06/24
solaris elfsign vulnerability

2014/10/22
metasploiting nrpe

2014/01/24
readable setuid cores in desktop ubuntu

2014/01/20
enlightenment sysactions vulnerability

most popular

2013/10/22
extracting openssl private keys from core dumps

2013/03/25
john the ripper, cuda, ubuntu

2012/05/05, updated 2012/12/15
ubuntu unity lens for vim

2010/03/11
twofish.rb: pure ruby twofish gem

2010/04/14
ckwtmpx

sun cluster vulnerability

2009/09/22

tags: solaris cluster vulnerability clsetup(1CL) CVE-2009-3433

exploit details

Weak vulnerability, trivially exploitable: clsetup is a setuid root ksh script, world read/executable. Solaris' kernel makes no restriction on setuid scripts (although there are some restrictions in individual shipped interpreters, eg /bin/csh).

timeline

2009/02/24 reported to Sun
2009/02/26 acknowedged by Sun
2009/09/22 Sun published resolution

advisories