Unbelievably simple bug in FreeBSD which gives untrusted root access
A security bug in the latest version of FreeBSD can be exploited to grant unprivileged users complete control over the operating system, a German researcher said Monday. The exploit was discovered and exploited by Nikolaos Rangos also known as Kingcope.
This was disclosed in the Full Disclosure Mailing List him. Shortly after this disclosure, other researchers said they were able to confirm the bug.
The bug resides in FreeBSD’s run-time link editor. A binary run by an unprivileged user can be executed with administrative privileges in a restricted environment.
A security advisory containing a “not fully developed” patch for this has been posted in FreeBSD mail Archive.
linux and simple exploit..
wow..
He said FreeBSD, not linux, not even the *BSDs, only FreeBSD. It probably has been fixed with a temporary workaround within seconds for important servers, as for the FreeBSD desktop users, they usually don’t offer user accounts to the public, so it does not really affect them.