Linux Today: Linux News On Internet Time.

More on LinuxToday

Root exploit for FreeBSD

Dec 01, 2009, 18:48 (3 Talkback[s])

"The problem is caused by a flaw in the run-time link editor (rtld) which, in certain circumstances, accepts specially crafted environment variables. According to Kingcope, the developer of the exploit, the flaw is "incredibly easy" to exploit by, for example, setting a path to a specially crafted library for the LD_PRELOAD environment variable and then starting an SUID program like Ping."

Complete Story

Related Stories: