30
Dec
This will be very short post… I have found (few months ago) security vulnerability in one of Apache server/module. I contact with apache security team. After few days I will decide about “future” of this bug – publish or wait for security path and publish after it. Now I can paste here simple output from gdb:
Program received signal SIGSEGV, Segmentation fault. 0x0000003fec682958 in memcpy () from /lib64/libc.so.6 Missing separate debuginfos, use: debuginfo-install expat-2.0.1-6.fc11.1.x86_64 glibc-2.10.1-5.x86_64 nss-softokn-freebl-3.12.4-3.fc11.x86_64 (gdb) bt #0 0x0000003fec682958 in memcpy () from /lib64/libc.so.6 #1 0x000000000043083c in inet_addr () #2 0x000000000042a796 in inet_addr () #3 0x000000000042975f in inet_addr () #4 0x000000000041d8f5 in inet_addr () #5 0x0000000000432a29 in inet_addr () #6 0x000000000044bc88 in inet_addr () #7 0x000000000044bceb in inet_addr () #8 0x0000000000441344 in inet_addr () #9 0x0000000000441521 in inet_addr () #10 0x00000000004416a7 in inet_addr () #11 0x0000000000441f5f in inet_addr () #12 0x0000000000442820 in inet_addr () #13 0x0000003fec61ea2d in __libc_start_main () from /lib64/libc.so.6 #14 0x0000000000403399 in inet_addr () #15 0x00007fffffffe618 in ?? () #16 0x000000000000001c in ?? () #17 0x0000000000000002 in ?? () #18 0x00007fffffffe87d in ?? () #19 0x00007fffffffe899 in ?? () #20 0x0000000000000000 in ?? ()
Best regards,
Adam Zabrocki
15
Dec
More than year ago I was publish advisory in ‘mtr’ software. I think, personally, it is great bug because it can’t exist without unspecified situation in libresolv library 🙂 The question is why have I written information about it on blog?
I forgot add this advisory in my site (sic!) 🙂 Now it’s ok and you can find this advisory here.
I attached to this advisory details and Proof Of Concept. If you haven’t read it yet i strongly recommend you to do it because it shows that sometimes if we read source code we think bug doesn’t exists but sometimes other external stuff/bugs/unspecified situation help us to trigger and exploit unexisting bug 🙂
Here is link – once again:
http://site.pi3.com.pl/adv/advisory-libresolv-mtr.txt
Btw. In future I want to continue research about CPU bugs and probably it will cause news posts in this topic 🙂
Best regards,
Adam Zabrocki
6
Dec
Is it a dream? Impossible? Bugs in CPU? No… it’s reality! CPU is only a piece of hardware. Everything have bugs… CPU too. I will give here only a piece of information about bugs in INTEL products…
OK. I haven’t written long time on blog. Today I want to show you what sometimes
yum can do without your knowledge. Few days ago I was upgrading one of system using yum.
Everything looked fine. I was happy that sometimes yum is useful. After work I went sleep
and next day I received messages that smth is fu** up with www…