{"id":132848,"date":"2009-12-02T11:10:29","date_gmt":"2009-12-02T16:10:29","guid":{"rendered":"http:\/\/www.linuxscrew.com\/?p=890"},"modified":"2009-12-02T11:10:29","modified_gmt":"2009-12-02T16:10:29","slug":"quick-fix-of-freebsd-rtld-vulnerability","status":"publish","type":"post","link":"https:\/\/mereja.media\/index\/132848","title":{"rendered":"Quick fix of FreeBSD rtld vulnerability"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignright\" title=\"freebsd logo\" src=\"http:\/\/www.linuxscrew.com\/wp-content\/uploads\/2007\/09\/freebsd_logo.thumbnail.png\" alt=\"\" width=\"109\" height=\"128\" \/>Yesterday really <a href=\"http:\/\/docs.freebsd.org\/cgi\/getmsg.cgi?fetch=0+0+current\/freebsd-announce\">serious<\/a> security bug <a href=\"http:\/\/securitytracker.com\/alerts\/2009\/Dec\/1023250.html\">was found<\/a> in <a href=\"http:\/\/www.freebsd.org\">FreeBSD<\/a> (from 7.1 to 8.0).  Using <a href=\"http:\/\/www.exploit-db.com\/exploits\/10255\">public exploit<\/a> local user can gain root privileges on vulnerable system. Below is an easy way solution to fix this terrible bug:<\/p>\n<p><code>% cd \/usr\/src\/libexec\/rtld-elf\/<br \/>\n% fetch <a href=\"http:\/\/people.freebsd.org\/%7Ecperciva\/rtld.patch\">http:\/\/people.freebsd.org\/~cperciva\/rtld.patch<\/a><br \/>\n% cat rtld.patch | patch -p1<br \/>\n% make &amp;&amp; make install &amp;&amp; make clean<\/code><\/p>\n<p>Thanks to <a href=\"http:\/\/truebsd.org\/sokolov\/596\">soko1<\/a> from <a href=\"http:\/\/www.truebsd.org\/\">truebsd.org<\/a>.<\/p>\n<div class=\"feedflare\">\n<a href=\"http:\/\/feeds.feedburner.com\/~ff\/linuxscrew?a=gDpAc9DZtTI:c18qV5O79qQ:yIl2AUoC8zA\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/linuxscrew?d=yIl2AUoC8zA\" border=\"0\"><\/img><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/linuxscrew?a=gDpAc9DZtTI:c18qV5O79qQ:7Q72WNTAKBA\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/linuxscrew?d=7Q72WNTAKBA\" border=\"0\"><\/img><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/linuxscrew?a=gDpAc9DZtTI:c18qV5O79qQ:V_sGLiPBpWU\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/linuxscrew?i=gDpAc9DZtTI:c18qV5O79qQ:V_sGLiPBpWU\" border=\"0\"><\/img><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/linuxscrew?a=gDpAc9DZtTI:c18qV5O79qQ:gIN9vFwOqvQ\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/linuxscrew?i=gDpAc9DZtTI:c18qV5O79qQ:gIN9vFwOqvQ\" border=\"0\"><\/img><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/linuxscrew?a=gDpAc9DZtTI:c18qV5O79qQ:dnMXMwOfBR0\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/linuxscrew?d=dnMXMwOfBR0\" border=\"0\"><\/img><\/a>\n<\/div>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~r\/linuxscrew\/~4\/gDpAc9DZtTI\" height=\"1\" width=\"1\"\/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Yesterday really serious security bug was found in FreeBSD (from 7.1 to 8.0). Using public exploit local user can gain root privileges on vulnerable system. Below is an easy way solution to fix this terrible bug: % cd \/usr\/src\/libexec\/rtld-elf\/ % fetch http:\/\/people.freebsd.org\/~cperciva\/rtld.patch % cat rtld.patch | patch -p1 % make &amp;&amp; make install &amp;&amp; make [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-132848","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts\/132848","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/comments?post=132848"}],"version-history":[{"count":0,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts\/132848\/revisions"}],"wp:attachment":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/media?parent=132848"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/categories?post=132848"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/tags?post=132848"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}