banner

[Rule] Rules  [Home] Main Forum  [Portal] Portal  
[Members] Member Listing  [Statistics] Statistics  [Search] Search  [Reading Room] Reading Room 
[Register] Register  
[Login] Loginhttp  | https  ]
 
Forum Index Thông tin new bugs và exploits Linux Kernel PROC Filesystem Local Privilege Escalation Vulnerability  XML
  [Question]   Linux Kernel PROC Filesystem Local Privilege Escalation Vulnerability 16/07/2006 16:36:53 (+0700) | #1 | 7181
[Avatar]
mudzot
Elite Member

[Minus]    0    [Plus]
Joined: 26/06/2006 14:41:27
Messages: 76
Offline
[Profile] [PM]
Link đến securityfocus
http://www.securityfocus.com/bid/18992/info

The Linux kernel is susceptible to a local privilege-escalation vulnerability. This issue is due to a race-condition in the 'proc' filesystem.

This issue allows local attackers to gain superuser privileges, facilitating the complete compromise of affected computers.

The 2.6 series of the Linux kernel is vulnerable to this issue.
Exploit có sau 1 ngày
http://www.securityfocus.com/data/vulnerabilities/exploits/h00lyshit.c
milw0rm cũng đã cập nhật. Lại béo mấy chú chuyên đi local.
Nhìn nó chạy mà đau lòng :cry:
Code:
preparing
trying to exploit /usr/X11R6/lib/libethereal.so.0.0.1

sh-3.00# id
uid=0(root) gid=100(users) groups=10(wheel),18(audio),100(users),410(volusers)
sh-3.00#

Lại phải cập nhật kernel cho cái server cà giựt
[Up] [Print Copy]
[digg] [delicious] [google] [yahoo] [technorati] [reddit] [stumbleupon]
Go to: 
 Users currently in here 
1 Anonymous

Powered by JForum - Extended by HVAOnline
 hvaonline.net  |  hvaforum.net  |  hvazone.net  |  hvanews.net  |  vnhacker.org
1999 - 2013 © v2012|0504|218|