[colug-432] New root exploit code for CentOS
Travis Sidelinger
travissidelinger at gmail.com
Tue May 14 12:41:39 EDT 2013
The source code link seems to be down:
http://xxxxsheep.org/~sd/warez/semtex.c
-Travis
On Tue, May 14, 2013 at 12:33 PM, Joshua Kramer <joskra42.list at gmail.com> wrote:
> Hello,
>
> I recently saw this:
>
> https://www.centos.org/modules/newbb/viewtopic.php?topic_id=42827&forum=59
>
> Given a command prompt, download this exploit, compile it, run it... and
> you suddenly have root. What is interesting about this is, as soon as you
> have root, you can disable SELinux.
>
> Apparently it can be mitigated using this kernel module:
>
> http://elrepo.org/tiki/kmod-tpe
>
> I spun up a test VM and tested this - it works! What would be interesting
> is doing some investigation to see if SELinux could prevent damage if this
> code was run from a malicious web app instead of the command prompt.
>
> Also, I wonder if this works on Scientific Linux and other RHEL
> derivatives, or RHEL itself?
>
> Cheers,
> -JK
--
“A careful reading of history clearly demonstrates ...
that people don't read history carefully.”
“We can't solve problems by using the same kind of thinking we used when we
created them.”
—Albert Einstein