[Dailydave] XFS Byte Swapping Fun
Dave Aitel
dave at immunityinc.com
Wed Oct 3 09:31:48 EDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=602
So we got X86 Solaris support into MOSDEF just in time - this morning
I noticed that iDefense's Sean Larsson has released an advisory on
XFS. We've put a working remote exploit for Solaris into CANVAS Early
Updates[1]. Good default anonymous remotes don't come out every day.
Solaris is still all over the place so this sort of thing is quite
interesting.
With a fairly different bug like this one, it's always fun to see how
everyone else exploits the byte-swapping primitive. Sinan Eren's way
of doing it is cool, but I certainly never would have thought of it.
- -dave
[1] http://www.immunityinc.com/products-early_updates.shtml - 9K per
quarter - that's about one dollar a Solaris box if you do enough
pen-tests! :>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHA5nDtehAhL0gheoRAjiJAJ9i59lkvJbjIKUKhZN7Qae0iFbLCgCfWIhb
sjCEtziVBmH+LGL/niUJ6xw=
=faNC
-----END PGP SIGNATURE-----
More information about the Dailydave
mailing list