2009-07-20 FreeBSD 7.2 (pecoff executable) Local Denial of Service Exploit 23 R D Shaun Colley
Eygene Ryabinkin
rea-fbsd at codelabs.ru
Wed Nov 11 19:37:52 UTC 2009
Wed, Nov 11, 2009 at 07:14:48PM +0100, Damian Weber wrote:
> FWIW, I got another result on 6.4-STABLE
>
> FreeBSD mymachine.local 6.4-STABLE FreeBSD 6.4-STABLE #6: Sat Oct 3 13:06:12 CEST 2009 root at hypercrypt.local:/usr/obj/usr/src/sys/MYMACHINE i386
>
> $ ./pecoff
> MZaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa????aaaa
> [I'm truncating here, ~3500 a's follow]aaaaa: File name too long
You have no pecoff module loaded or compiled into the kernel,
do you? Your "File name too long" is spat out by the shell,
so it was not handled by the PE loader at all.
--
Eygene
_ ___ _.--. #
\`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard
/ ' ` , __.--' # to read the on-line manual
)/' _/ \ `-_, / # while single-stepping the kernel.
`-'" `"\_ ,_.-;_.-\_ ', fsc/as #
_.-'_./ {_.' ; / # -- FreeBSD Developers handbook
{_.-``-' {_/ #