https://bugzilla.redhat.com/show_bug.cgi?id=432229
Mentioned on Slashdot here:
http://it.slashdot.org/article.pl?sid=08/02/10/2011257
Centos bug report here:
https://bugzilla.redhat.com/show_bug.cgi?id=432251
Frank Cox wrote:
> https://bugzilla.redhat.com/show_bug.cgi?id=432229
> Mentioned on Slashdot here:
> http://it.slashdot.org/article.pl?sid=08/02/10/2011257
> Centos bug report here:
Frank, thank you for posting this.
Has anyone on the list patched a Fedora Core 6 install as suggested in the bug notes? If so, did you have any problems with it?
Thanks in advance for any feedback.
Regards, Langdon
Langdon Stevenson wrote:
> Frank Cox wrote:
>> https://bugzilla.redhat.com/show_bug.cgi?id=432229
>> Mentioned on Slashdot here:
>> http://it.slashdot.org/article.pl?sid=08/02/10/2011257
>> Centos bug report here:
> Frank, thank you for posting this.
> Has anyone on the list patched a Fedora Core 6 install as suggested in the bug notes? If so, did you have any problems with it?
> Thanks in advance for any feedback.
> Regards, Langdon
I just installed vanilla 2.6.24.2 (the fixed version) from kernel.org on my FC6 box. Works fine.
Regards,
John
On Mon, 2008-02-11 at 10:35 -0800, John Wendel wrote:
> Langdon Stevenson wrote:
>> Frank Cox wrote:
>>> https://bugzilla.redhat.com/show_bug.cgi?id=432229
>>> Mentioned on Slashdot here:
>>> http://it.slashdot.org/article.pl?sid=08/02/10/2011257
>>> Centos bug report here:
>> Frank, thank you for posting this.
>> Has anyone on the list patched a Fedora Core 6 install as suggested in the bug notes? If so, did you have any problems with it?
>> Thanks in advance for any feedback.
>> Regards, Langdon
> I just installed vanilla 2.6.24.2 (the fixed version) from kernel.org on my FC6 box. Works fine.
I just installed kernel-2.6.23.15-80.fc7.i686.rpm. Isn't that the "fixed version"? Ric
Frank Cox wrote:
> https://bugzilla.redhat.com/show_bug.cgi?id=432229
> Mentioned on Slashdot here:
> http://it.slashdot.org/article.pl?sid=08/02/10/2011257
> Centos bug report here:
Is my CentOS box with kernel 2.6.18-53.1.4.el5 vulnerable?
Valent
Valent Turkovic wrote:
> Frank Cox wrote:
>> https://bugzilla.redhat.com/show_bug.cgi?id=432229
>> Mentioned on Slashdot here:
>> http://it.slashdot.org/article.pl?sid=08/02/10/2011257
>> Centos bug report here:
> Is my CentOS box with kernel 2.6.18-53.1.4.el5 vulnerable?
> Valent
Yes. I tested it on both i386 and x86_64. Actually I tested 2.6.18-53.1.6.el5, but I have no doubt it would work on the 53.1.4 kernel.
On i386, the first attempt failed with the message "wtf", but the second attempt (without recompiling) worked.
On x86_64, I'm not sure why, but I had to alter the exploit code to #define PAGE_SIZE 4096 to get it to compile; once compiled, it worked perfectly.
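The x86_64 compile failure Frank describes is the kind of thing a practitioner hits whenever user-space code borrows the kernel's PAGE_SIZE macro: whether that macro is visible to user-space code depends on the architecture's headers (the thread itself shows it resolving on i386 and not on x86_64). Hardcoding 4096 works on that box but silently breaks on machines with larger pages. The following added example is not code from this list or from the exploit being discussed; it shows how a portable program resolves the page size at run time with sysconf(_SC_PAGESIZE) and sizes and aligns its buffers against that value. The function names are this example's own.

```c
/* page_size_portable.c: resolve the page size at run time instead of
 * relying on the kernel's PAGE_SIZE macro, which is not reliably visible
 * to user-space code on every architecture.
 * Added example; the function names here are this example's own. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Ask the C library for the page size. Fall back to 4096 (assumption:
 * the common default) only if the query fails, and never trust a value
 * that is not a power of two, since the masks below depend on that. */
size_t runtime_page_size(void)
{
    long ps = sysconf(_SC_PAGESIZE);
    if (ps <= 0 || (ps & (ps - 1)) != 0)
        return 4096;
    return (size_t)ps;
}

/* Round n up to a whole number of pages. Returns 0 on overflow so the
 * caller cannot silently under-allocate. */
size_t round_up_to_pages(size_t n)
{
    size_t ps = runtime_page_size();
    if (n > SIZE_MAX - (ps - 1))
        return 0;
    return (n + ps - 1) & ~(ps - 1);
}

/* Number of pages needed to hold n bytes (0 for n == 0 or on overflow). */
size_t pages_for(size_t n)
{
    return round_up_to_pages(n) / runtime_page_size();
}

/* Is p on a page boundary for this machine's page size? */
int is_page_aligned(const void *p)
{
    return ((uintptr_t)p & (runtime_page_size() - 1)) == 0;
}

/* Allocate a page-aligned buffer of at least n bytes; *out_len receives
 * the rounded size. Returns NULL on failure. Caller frees with free(). */
void *alloc_page_aligned(size_t n, size_t *out_len)
{
    size_t len = round_up_to_pages(n);
    void *p = NULL;
    if (len == 0)
        return NULL;
    if (posix_memalign(&p, runtime_page_size(), len) != 0)
        return NULL;
    if (out_len)
        *out_len = len;
    return p;
}

int main(void)
{
    size_t len = 0;
    void *buf = alloc_page_aligned(1, &len);
    printf("page size: %zu bytes\n", runtime_page_size());
    printf("1 byte rounds up to %zu bytes (%zu page(s)), aligned=%d\n",
           len, pages_for(1), buf ? is_page_aligned(buf) : 0);
    free(buf);
    return 0;
}
```

Compile with `gcc -Wall -o page_size_portable page_size_portable.c`; on a stock x86 box it reports 4096, and the same binary keeps working on a kernel built with larger pages, which a hardcoded #define would not.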
On Sunday 10 February 2008, Frank Cox wrote:
Hmm. I wonder if this is how the recent apache hosted servers were rooted remotely, even though the official explanation was password compromise. While this particular issue is a local exploit, if you can get code to run on the box as some user local to that box then you could get a remote exploit through this local one.
Any local exploit can easily become a remote exploit if script injection into rich app servers is possible.
Thanks for posting.
On Feb 11, 2008 8:55 AM, Lamar Owen lowen@pari.edu wrote:
> On Sunday 10 February 2008, Frank Cox wrote:
> Hmm. I wonder if this is how the recent apache hosted servers were rooted remotely, even though the official explanation was password compromise. While this particular issue is a local exploit, if you can get code to run on the box as some user local to that box then you could get a remote exploit through this local one.
> Any local exploit can easily become a remote exploit if script injection into rich app servers is possible.
I'd be surprised if those systems were running kernels that are this new.
John
On Mon, 11 Feb 2008 09:08:00 -0600 inode0 inode0@gmail.com wrote:
> I'd be surprised if those systems were running kernels that are this new.
Why? Lots of outfits use RHEL and Centos for their server applications and one assumes they would be keeping them up to date.
Frank Cox wrote:
> On Mon, 11 Feb 2008 09:08:00 -0600 inode0 inode0@gmail.com wrote:
>> I'd be surprised if those systems were running kernels that are this new.
> Why? Lots of outfits use RHEL and Centos for their server applications and one assumes they would be keeping them up to date.
But a lot of them are running rhel/centos 3 or 4 - rhel 5 isn't that old.
Michael A. Peters wrote:
> Frank Cox wrote:
>> On Mon, 11 Feb 2008 09:08:00 -0600 inode0 inode0@gmail.com wrote:
>>> I'd be surprised if those systems were running kernels that are this new.
>> Why? Lots of outfits use RHEL and Centos for their server applications and one assumes they would be keeping them up to date.
> But a lot of them are running rhel/centos 3 or 4 - rhel 5 isn't that old.
Uh... RHEL 5 is nearly a year old...
-Scott