i386/141095: Wed Dec 2 08:27:44 CET 2009
Michael
michal.manterys at gmail.com
Wed Dec 2 07:30:02 UTC 2009
>Number: 141095
>Category: i386
>Synopsis: Wed Dec 2 08:27:44 CET 2009
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-i386
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Dec 02 07:30:01 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Michael
>Release: FreeBSD 7.2-STABLE
>Organization:
The state administration.
>Environment:
FreeBSD host 7.2-STABLE FreeBSD 7.2-STABLE #1: Tue Dec 1 19:42:43 CET 2009 manti at host:/usr/src/sys/i386/compile/HQ8_IPFW_IPF i386
>Description:
http://lists.grok.org.uk/pipermail/full-disclosure/2009-November/071689.html
$ id -a
uid=1018(user) gid=1018(user) groups=1018(user)
$ ./test.sh
env env.c program.c program.o test.sh w00t.so.1.0 FreeBSD local r00t zeroday
by Kingcope
November 2009
env.c: In function 'main':
env.c:5: warning: incompatible implicit declaration of built-in function 'malloc'
env.c:9: warning: incompatible implicit declaration of built-in function 'strcpy'
env.c:11: warning: incompatible implicit declaration of built-in function 'execl'
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
ALEX-ALEX
#id -a
uid=1018(user) gid=1018(user) euid=0(root) groups=1018(user)
>How-To-Repeat:
Install patch:
cd /usr/src/libexec/rtld-elf
fetch http://wojciech.sychut.eu/rtld.patch
patch < rtld.patch
make clean
make
make install
and the patch doesn't work for 7.2-STABLE:
$ id -a
uid=1018(user) gid=1018(user) groups=1018(user)
$ ./test.sh
env env.c program.c program.o test.sh w00t.so.1.0 FreeBSD local r00t zeroday
by Kingcope
November 2009
env.c: In function 'main':
env.c:5: warning: incompatible implicit declaration of built-in function 'malloc'
env.c:9: warning: incompatible implicit declaration of built-in function 'strcpy'
env.c:11: warning: incompatible implicit declaration of built-in function 'execl'
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
ALEX-ALEX
#id -a
uid=1018(user) gid=1018(user) euid=0(root) groups=1018(user)
>Fix:
??
>Release-Note:
>Audit-Trail:
>Unformatted: