Running programs (including set?id ones) without argv (execle(f,0,0)) causes many of them to die with a segmentation violation when they blindly try to access argv[0]. This could be exploited in denial-of-service attacks if the program has opened a lock file before segfaulting, though I haven''t found any yet. I can''t think of a way for this to give a root shell. -Topi
Seemingly Similar Threads
- What about FreeBSD? - KAME Project "ipcomp6_input()" Denial of Service
- klibc-1.5.17 build failure on mips
- (Fwd) [SA11578] Icecast Basic Authorization Denial of Service
- Security hole in Debian 1.1 dosemu package
- Summer student internship placement at University of York / YCCSA / SEI (paid)