HC's Capture the Flag website
CTF Contests
25C3-CTF
25C3-CTF final results
Advisory #36
From team Stealth Assassin
New advisory by : thaidn
Affected service(s): vdspi
Severity [lmh] : high
===== Problem =====
By entering 5 in DEBUG menu, a root shell is spawned.
===== Impact =====
do anything to the host
===== Fix =====
The shell access can be disabled by removing lines 56 from ui-debug_menu.adb
Rating
[2] yes.