search for: pcheck

...- Client code in application controller: require ''drb'' class ApplicationController < ActionController::Base protect_from_forgery def parser_svc # svc = nil svc = DRbObject.new nil, ''druby://:9000'' svc end end main controller: def pcheck svc = parser_svc res = svc.check render :text => res end when called and server is running get this error: DRb::DRbConnError (druby://:9000 - #<Errno::EADDRNOTAVAIL: The requested address is not valid in its context. - connect(2)>): app/controllers/main_controller.rb:...

...see how a flaw in pkcheck gives you something here that > you don?t already have. On many systems local users cannot execute their own uploaded binaries (noexec mounts). This would also be true for an adversary entering a system with a remote "unprivileged" exploit. In that situation pcheck gives them a "crow bar" they did not have before. > A vulnerable library is a vulnerable library. Fix the library, don?t > invent reasons to fix all the other programs on the system because the > library is vulnerable. I would say the modus operandi should be to eliminate all...

On Thu, 2017-02-02 at 13:40 -0800, Gordon Messmer wrote: > Escalation *requires* attacking a program in a security context other > than your own. Not necessarily. Suppose the adversary is aware of a root exploit/privilege escalation in a random library. Then the heap spraying allows this attacker to easily trigger this exploit because he is able to initialize the entire contents of the

...Give me a scenario where this attacker can execute *only* pkcheck > > On many systems local users cannot execute their own uploaded binaries > (noexec mounts). This would also be true for an adversary entering a > system with a remote "unprivileged" exploit. In that situation pcheck > gives them a "crow bar" they did not have before. So you?ve now sprayed the heap on this system, but you can?t upload anything else to it because noexec, so?now what? What has our nefarious attacker gained? >> A vulnerable library is a vulnerable library. Fix the library, d...

...ot;, ensure => directory, recurse => true, purge => true } yumrepo { pkg_repo: descr => "Packages Repository", enabled => 1, baseurl => "http://Some/path/", gpgcheck => 0, require => File[yum_repo_d] } Every time I run pcheck now, the file is deleted and recreated and pcheck gripes about the file being there and needing to be deleted. The workaround, of course, is to use templates but that''s broken. verbose noop gives the following notice every time: notice: //workstation/base/yum_base/File[/etc/yum.repos.d/...