On 5/26/05, Joey Hess <[EMAIL PROTECTED]> wrote: > Selva Nair wrote:
> > Looking through evidence left behind (bash_history etc..) I have > > figured out that > > the privilege escalation was achived using an executable that the > > attacker downloaded > > from the net. I have verified that this binary is indeed capable of > > giving root shell to any user > > and it works on two test systems I tried -- one woody and one redhat 7.2. > > Well to choose one security hole at random out of dozens to hundreds > that remain unfixed in woody's kernels, this one allows anyone to go from > a normal user account to root: > > CAN-2005-1263 [Linux kernel ELF core dump privilege escalation] > - kernel-source-2.6.11 2.6.11 2.6.11-4 > - kernel-source-2.6.8 2.6.8-16 > - kernel-source-2.4.27 2.4.27-10 > I built a new kernel from 2.4.30 sources and the exploit no more works. Hope this one is safer. Selva
