Xavier's Security Post: F-Secure Internet Gatekeeper for Linux local root

.comment-link {margin-left:.6em;}

Xavier's Security Post

Monday, November 07, 2005

F-Secure Internet Gatekeeper for Linux local root

I discovered a hole in the F-Secure's Internet Gatekeeper for Linux software package. It takes some special conditions to allow for the attack to be successful. They go as follows:

1) you need local user access to the machine with FSIGK
2) you need executable permissions to the SUID binaries in question
3) you need to have access to a writable directory, in order to create an arbitrary file.

And those are usually trivial conditions to achieve. Here's a link to the Advisory. The exploit is within the advisory, in GnuPG format. Do check on the Tigerteam.se website for the password.

¶ 11/07/2005 09:03:00 PM

Comments: Post a Comment

<< Home

This public blog will be a place for me to output any Security findings, both technological and physical, that I have come about. I will post Security advisories I was apart of, and also other interesting bits of knowledge. email: xavier [at] tigerteam.se

RECENT RELEASES

Rocks Clusters <=4.1 mount-loop local root
Rocks Clusters <=4.1 umount-loop local root
TSEAD-200606-6 - Rocks Clusters <=4.1 local root
xorgmodroot.py - Xorg-server 1.0 / <=X11R6.9.0-7.0 local root
TSEAD-200509-5 - Multiple Netscape.com vulnerabilities.
TSEAD-200512-3 - Multiple vulnerabilities in KISBG <=v5.1.1
fsigk_exp.py - FSIGK for Linux <=2.10-431 local root
TSEAD-200510-4 - FSIGK for Linux <=2.10-431 advisory
ritk.php - remote inclusion pentest tool
owm_exp.py - openwebmail <=2.51+ local root
perliodebug_exp.py - perlIO_debug 5.8.* local root
bankfix.py - bank card number lookup tool
TSEAD-200412-2 - AOL XSS/file read vuln
TSEAD-200412-1 - AOL redir vuln

ARCHIVES

September 2005 / October 2005 / November 2005 / December 2005 / March 2006 / April 2006 / May 2006 / June 2006 / July 2006 / September 2006 / October 2006 /