ld-elf.so Local DoS Vulnerability or not
We have found an interesting feature in the FreeBSD run-time link editor (rtld), which links dynamic executables with their needed libraries at run time.
The ld-elf.so.1 utility itself is loaded by the kernel together with any dynamically-linked program that is to be executed. The kernel transfers control to the dynamic linker. After the dynamic linker has finished loading, relocating, and initializing the program and its required shared objects, it transfers control to the entry point of the program.
It also has an executable flag, so let’s try to execute it.
Results:
FreeBSD 6.3.x:
$ /libexec/ld-elf.so.1
bash: /libexec/ld-elf.so.1: cannot execute binary file
$
FreeBSD 7.x:
$ /libexec/ld-elf.so.1
(no return)
Turns out the ld-elf.so keeps loading itself over and over, maxing out a cpu core while doing so. I had to enforce a cputime limit in login.conf so funny users won’t be able to profit from their discovery.
A fix isn’t likely as it looks like this is just one of those things you shouldn’t do
Posted 2010/02/22 21:20 by jos
cheap Paul & Shark pants & shorts Says:
This article is very good, very appealing. Affects every reader chord, hoping to share with you the exchange. Thank articles.
discount swiss Seiko watches Says:
This article is good, very good, let I learned a lot from ~ you don’t miss, hurry to join!
best mens Rolex Datejust II Says:
This article is very good, I like, thank you, I’m more understanding Keep up the blogs!
iphone 4 crytal cases Says:
I clicked on a hyperlink and arrived here… not really what I was searching for at the very first place but I started reading through and couldn’t stop. Great Site!
gardener Says:
Nice post. Thanks.
christian louboutin outlet Says:
<a href=“http://www.forkshoes.com/pumps.html”><img src=“http://www.forkshoes.com/images/thumbnails/pumps/SOHO212.jpg”></a> crucial for every circumstance. <a href=“http://www.forkshoes.com/fashion-collection.html”>red heels</a> red heels <a href=“http://www.forkshoes.com”>shoes with red bottom</a> shoes with red bottom The duties and required a marriage supervisor variety relying on the involvement to the bride along with spending budget <a href=“http://www.lingeriesroom.com/golden-blue-belly-dance-waist-link-h2635bl-h2635BL-good.html”>micro thong</a>. A superb range of brides would like to possess a declare in just about every function in their marriage ceremony <a href=“http://www.forkshoes.com/christian-louboutin-pumps-cl025-cl025-lady.html”>red black pumps</a> red black pumps , which could guide you to consider on much more just like a harmony part from exactly where the bride requires strategies alongside one another with assistance. Then again, some brides to generally be want the whole occasion for them, which means a whole lot a lot more run about the wedding ceremony planners conclusion. <a href=“http://www.forkshoes.com/christian-louboutin-privatita-platform-slingbacks-gold-182-lady.html”>privatita platform slingbacks gold</a> privatita platform slingbacks gold <a href=“http://www.forkshoes.com/christian-louboutin20100832-black-sheeo-skin-short-boots-658-lady.html”>black sheeo skin short boots</a> black sheeo skin short boots Correctly evaluating the latest bride s would like and requirements may very well be crucial at first phase aided by the setting up. This
Tammi Says:
I loved as much as you will receive carried out right here.
The sketch is attractive, your authored subject matter stylish.
nonetheless, you command get bought an edginess over
that you wish be delivering the following. unwell unquestionably
come more formerly again since exactly the same nearly a lot often inside case you shield
this increase.
gold price Says:
Greetings from Colorado! I’m bored to tears at work so I decided to browse your blog on my iphone during lunch break. I love the info you present here and can’t wait to take
a look when I get home. I’m surprised at how fast your blog loaded on my cell phone .. I’m not even using WIFI, just 3G .
. Anyways, very good site!
workout at home Says:
Nice post. I learn something new and challenging on blogs I stumbleupon every day.
It will always be helpful to read through articles from other
authors and use something from other web sites.
how to have better sex Says:
Write more, thats all I have to say. Literally, it seems as though you relied on the video to make your point.
You definitely know what youre talking about, why waste your intelligence
on just posting videos to your site when you could be giving us something enlightening to read?
Ethel Says:
I have fun with, result in I found just what I used to be taking a look for.
You’ve ended my four day long hunt! God Bless you man. Have a nice day. Bye
Thurman Says:
After I originally commented I seem to have clicked the
Notify me when new comments are addedcheckbox and now each time acomment is added I receive four emails with the
exact same comment. Perhaps there is a way you are able to remove me from that service?
Thank you!
keep reading Says:
The other day, while I was at work, my cousin stole my iphone and tested to see if it
can survive a 25 foot drop, just so she can be a youtube sensation.
My iPad is now broken and she has 83 views. I know this is totally
off topic but I had to share it with someone!
why internet maps are handy Says:
I’d like to find out more? I’d love to find out some additional information.
Alejandro Says:
I like the helpful information you provide in your articles.
I will bookmark your blog and check again here frequently. I’m quite sure I will learn many new stuff right here! Good luck for the next!