[Nottingham] systems privilege escalation
VM
vadim+NLUG at mankevich.co.uk
Tue Jan 24 17:00:21 UTC 2017
we knew that something was wrong and we were right.
systemd creates world writable suid files that allow attackers to execute code as root. silently fixed in version 229, so arch, ubuntu, fedora and gentoo users should be happy for now. looks like Debian was still vulnerable because systemd developers did not recognise it as a critical security issue...
CVE-2016-10156
happy patching!
--
vadim at mankevich.co.uk PGP key fingerprint
0xC046022A3A91455AF0C9BB2404BF882B1905C772
Retrieve from hkps://pgp.mit.edu
More information about the Nottingham
mailing list