Would you first need to be a local user? (so is this after authentication), or would any ssh pipe into the server be enough to exploit this?

On Thursday 14 February 2008 12:49:53 Ben wrote:
> A local root exploit has been released some few days ago. This very critical
> failure allows a local user to gain root access on a machine, using a bug in
> the system function vmsplice().
>
> Kernel version concerned is 2.6. (Linux 2.6.17 - 2.6.24.1)
>
> To fix it you need to upgrade your kernel, and of course reboot the machine.
> That makes this security hole even more critical
>
> for an update under debian :
>
> > aptitude update
> > aptitude upgrade
> > aptitude dist-upgrade
> > and reboot !
>
> Guess it is the same under Ubuntu ...
>
> Here is the Debian security report:
> http://www.debian.org/security/2008/dsa-1494
>
> Details about the exploit :
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464953
> http://lwn.net/SubscriberLink/268783/c6a3f3433044e10b/ (not read!)
>
> I have personally tried it (link in French :
> http://www.tux-planet.fr/blog/?2008/02/12/224-local-root-exploit-sous-linux)
> and it is very impressive (and scary !)
>
> If you don't have an open access to your machine from the outside world you
> are relatively safe ... but never know !
>
> Cordially,
>

--
rgds,

Reinier Battenberg
Director
Mountbatten Ltd.
+256 782 801 749
www.mountbatten.net
