[Gllug] Root exploit 2.2.0 to 2.4.10
chris at void.printf.net
Thu Oct 20 00:23:13 UTC 2011
On Fri, 2001-10-19 at 20:12, William Palfreman wrote:
> Just seen this on /. I'm just about to test it now to see if it is
> true. If it is and you administer shell account boxes you could be
> in trouble. Expect a very rapid release of 2.2.20!

You didn't provide a link and it's not on the front page, so I'll
explain a little.

There's a kernel bug that can allow:

o A DoS attack through referencing an arbitrary number of symlinks
o A /local/ root exploit via a setuid app (in this example, a
  world-executable and setuid root /usr/bin/addgrp) and ptrace.

It affects all 2.2 kernels, and 2.4 kernels pre 2.4.10. I'm upgrading a
few public-facing machines now.. *sigh*

$a="printf.net"; Chris Ball | chris at void.$a | www.$a | finger: chris@$a
"In the beginning there was nothing, which exploded."