Package: linux-image-2.6.18-6-686 Version: 2.6.18.dfsg.1-17etch1 Severity: important
There is a bug in vmsplice from 2.6.17 to 2.6.24.1 that can be exploited by any user process to gain root privileges. info is here http://isc.sans.org/newssummary.html which links to the source code for the exploit here: http://www.milw0rm.com/exploits/5092 ...which has been tested, and works like a charm. Also here: http://www.isec.pl/vulnerabilities/isec-0026-vmsplice_to_kernel.txt ...which describes the exploit in more detail. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]