-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Can confirm this. Works on debian kernel 2.4.27 with applied patch:
Virtual private servers and security contexts (vserver), from package
kernel-patch-ctx, version 2:1.2.10-1
What debian kernel-source revision are you using?
Also, you are using
Hi,
Can confirm this. Works on debian kernel 2.4.27 with applied patch:
Virtual private servers and security contexts (vserver), from package
kernel-patch-ctx, version 2:1.2.10-1
http://vserver.13thfloor.at/Stuff/rootesc.c
exploit works. I'm able to escape chroot and access filesystem
Dear Micah,
Thank you for your replies, I merged the three replies in one here
for you. :)
在 2005/9/30 上午 5:36 時,Micah 寫到:
Please tell me how you run this script and what failures you get, also
this is a destructive test, correct?
The test require a loopback file or an empty partition, I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
tag 329087 +moreinfo
thanks
Andrew Lee wrote:
I found the kernel-patch-vserver and util-vserver in sarge can not pass
the testfs.sh script[1] which provide by upstream author.
Please tell me how you run this script and what failures you get,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Micah wrote:
ssh into a guest and then starting the root exploit[2] inside a guest now
gives: Exploit seems to work. =)
sshing into a guest on my system and running that root exploit gives:
mkdir baz: Permission denied
chroot baz: No such
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
When I said this:
This is not what I get on my i386 system:
# showattr -d /var/lib/vservers//..
- ---bui- /big/vservers//..
This was expected because this was actually a symlink, if I perform the
showattr on the actual directory I get this:
Package: kernel-patch-vserver
Severity: critical
Tags: sarge
Justification: root security hole
Dear maintainer(s),
I found the kernel-patch-vserver and util-vserver in sarge can not pass
the testfs.sh script[1] which provide by upstream author. After some more
tests, upstream author discoveryed
7 matches
Mail list logo