www.halfdog.net
/
Security
/ 2015 /
Index of 2015 Security Activities
20150225
UpstartLogrotationPrivilegeEscalation
: get root by writing to
/run/user/[uid]
20150313
HavingFunWithDmesg
: getting security relevent information from dmesg as normal user
20150316
SafeRowhammerPrivilegeEscalation
: POC study how to get row-hammer attack 100% risk-free
20150905
ApportKernelCrashdumpFileAccessVulnerabilities
: Symlink DOS/privilege escalation on apport kernel_crashdump
20151214
MandbSymlinkLocalRootPrivilegeEscalation
: Use symlinks to escalate from user
man
to root via cronjob
20151214
SetgidDirectoryPrivilegeEscalation
: Setgid directory behaviour allows to escalate to group owner of the directory
20151215
NtpCronjobUserNtpToRootPrivilegeEscalation
: Escalate from ntp.org ntp user to root via daily cronjob
20151220
PtChownArbitraryPtsAccessViaUserNamespace
: Use pt_chown and namespaces to gain arbitrary pts access
20151224
UserNamespaceOverlayfsSetuidWriteExec
: Linux user namespaces overlayfs local root
Last modified 20171231
Contact e-mail: me (%) halfdog.net