On Thu, Sep 25, 2014 at 8:23 AM, Michael Torrie <[email protected]> wrote: > I've run a few tests > and I'm unable to get the exploit to work remotely unless I get the > login to succeed. Obviously I'm missing something. Can someone help me > out here?
I think that's the way it works. I think the attacker has to have a login point (their's or one they 'acquired' from someone else), but then they can gain elevated privileges. > Also I discovered my aging Centos 5 server is not vulnerable. :) There's the answer, we should all just stop updating :) -John /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
