Fedora Users — Re: Root exploit in the wild

Re: Root exploit in the wild

Date Prev

Date Next

Thread Prev

Thread Next

Date Index

Thread Index

To: For users of Fedora <fedora-list@xxxxxxxxxx>

Subject: Re: Root exploit in the wild

From: "Michael A. Peters" <mpeters@xxxxxxx>

Date: Mon, 11 Feb 2008 03:31:30 -0800

In-reply-to: <47B028B6.7050400@xxxxxxxxx>

References: <20080210163423.b468e4e8.theatre@xxxxxxxxxxx> <47B028B6.7050400@xxxxxxxxx>

Reply-to: For users of Fedora <fedora-list@xxxxxxxxxx>

User-agent: Thunderbird 2.0.0.9 (X11/20080129)

Valent Turkovic wrote:

Frank Cox wrote:

https://bugzilla.redhat.com/show_bug.cgi?id=432229

Mentioned on Slashdot here:

http://it.slashdot.org/article.pl?sid=08/02/10/2011257

Centos bug report here:

https://bugzilla.redhat.com/show_bug.cgi?id=432251


Is my CentOS box with kenel 2.6.18-53.1.4.el5 vulnerable?

Valent

Yes. I tested it on both i386 and x86_64

Actually I tested 2.6.18-53.1.6.el5 but I have no doubt it would work inthe 53.1.4 kernel.

On i386 - first attempt failed with a message "wtf" but second (w/orecompiling) attempt worked.


On x86_64 - I'm not sure why but I had to alter the exploit code to
#define PAGE_SIZE 4096
to get it to compile, but once compiled, it worked perfectly.