Thursday, July 30, 2009

pwned

Today I proudly realized, while viewing Referer logs, I
have been nominated for the Best Privilege Escalation
Bug in the pwnie-awards for discovering and exploiting
CVE-2009-1185 (udev). The story behind that is that
I was frustrated to have no root-sex within the last
6 months or so (since postfix) and therefore
I started reviewing the glibc ELF loader for such which lead me
somehow to certain daemons such as nscd followed by
hald and finally udevd. I quickly realized that it missed
important checks but the impact was unknown to me since
it kindly denied my exploitation offers until I found my way in.

You might be surprised to hear that I am not really
a security guy and used to stay away from sec-con events,
even though I work in that field.
I rather see myself as a programmer with interest in coding
and reading other peoples code and its often funny to
watch and follow discussions by the "security professionals".

The thing that makes me actually commenting on this is the
nice coincide with the nomination of my hero Solar Designer. :)
Posted by at

2 comments:

taviso said...

Congratulations, it was an awesome find.

July 30, 2009 at 9:02 AM
Sebastian said...

Oh thanks.That makes me proud, especially
to hear that from the pulseaudio
guys.A bug that was designed to
be found by me, but we do not ship it
setuid. :-)

July 31, 2009 at 1:25 AM

Post a Comment

Subscribe to: Post Comments (Atom)