Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Privilege Escalation in Fedora Linux: Exploiting ABRT for Root (initblog.com)
3 points by ementally 9 days ago | hide | past | favorite | 2 comments




  g_autofree char *docker_inspect_cmdline = NULL;
  if (root_dir != NULL)
    docker_inspect_cmdline = g_strdup_printf("chroot %s /bin/sh -c \"docker inspect %s\"", root_dir, container_id);
  else
    docker_inspect_cmdline = g_strdup_printf("docker inspect %s", container_id);
What static and dynamic analysis tools and rules could have found this vuln?

reply


Almost regex:

  .*cmd.*=.*printf.*%s

reply




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: