Sunday, April 18, 2010

CVE-2010-0436 PoC


The fixes for CVE-2010-0436 were released last week,
so here comes the PoC. I wonder that nobody has done it yet,
as it's an easier one. It's a classic symlink attack in KDM
with an additional "trick": the directory where the
vulnerability happens has to be, or be made, owned by the
user in order for it to work.
The vulnerability's in-depth description is here.

1 comment:

Andre said...

Nice greetings ;) (and thx for the explanation).