Entries tagged shellcode

Related tags: advisories, doing-stuff, sourcescan.

I'm starving now, feeling dead on my feet

Sunday, 1 July 2007

Three, count them, three local root exploits discovered so far via the source scan of the Debian archive. More to follow.

Right now my biggest irritation is the amount of time it takes to report bugs in packages which don't have security issues - just bad coding. It takes me a fair while to do it, since I either have to install the package and use "reportbug", or lookup version numbers and submit manually. I should think of a better way of doing it.

| No comments


Unknown, even to its own employees, its massive profits are generated by military technology, genetic experimentation and viral weaponry

Sunday, 24 June 2007

The scanning of the Debian source archive for security bugs has begun.

I've wrote about this previously and there was some interest in how it worked, so I've put up a simple webpage describing the process.

There are a lot of results to go through, but so far I've managed to find one local root exploit and many many many trivial problems.

Sample bugs:

Unfortunately my usertags seem to be broken. This was working a day or two ago. Not sure if I fucked up or if the BTS is broken ..?

| No comments


Recent Posts

Recent Tags