Hi, I haven't seen the topic raised yet on the list so I am posting a small message to anyone allowing untrusted users to execute code inside a vserver.
The recently discovered local privilege escalation vulnerability (http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt) does work inside a vserver and allows one to become root inside the vserver. Of course this does not allow one to break out of the vserver completely, but if you have not yet upgraded to 1.25/1.26, it can be combined with the chmod() vulnerability to break out.

Kernel 2.4.25 is not vulnerable. The latest stable version of linux-vserver is available for this kernel version.

--
Cedric Veilleux
