CVE-2010-3856 Exploit | @Mediaservice.net Technical Blog

On 4 Feb, 2011
By Marco Ivaldi (aka raptor)

ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so (CVE-2010-3856).

http://lab.mediaservice.net/code/raptor_ldaudit
MD5: 8258ca708474ed86adb154c899bb1c12
SHA-1: a18a591faff0382ac3a54522acf3ee709e3b7d44
http://lab.mediaservice.net/code/raptor_ldaudit2
MD5: cce9edfc7ff62c900a5aff57a50caf2b
SHA-1: 3761f7987e39960d329c1bfa7e80f3c90c0c04ec

CVE-2020-7799 – FusionAuth “Apache Freemarker” Code Execution
From query manipulation to password extraction
Reliable discovery and exploitation of Java deserialization vulnerabilities
CVE-2018-14665 exploit: local privilege escalation on OpenBSD 6.3 and 6.4
CVE-2006-5229
WarVOX patch

Written by: Marco Ivaldi (aka raptor) on February 4, 2011.

Related Posts