[colug-432] New root exploit code for CentOS
roman at ensecure.org
Tue May 14 13:00:41 EDT 2013
Not sure what is interesting about the ability to disable SELinux; you have
root, game over.
RHEL 5 is not affected, RHEL 6 is, updated packages still in-process.
On Tue, May 14, 2013 at 12:33 PM, Joshua Kramer <joskra42.list at gmail.com>wrote:
> I recently saw this:
> Given a command prompt, download this exploit, compile it, run it... and
> you suddenly have root. What is interesting about this is, as soon as you
> have root, you can disable SELinux.
> Apparently it can be mitigated using this kernel module:
> I spun up a test VM and tested this - it works! What would be interesting
> is doing some investigation to see if SELinux could prevent damage if this
> code was run from a malicious web app instead of the command prompt.
> Also, I wonder if this works on Scientific Linux and other RHEL
> derivatives, or RHEL itself?
> colug-432 mailing list
> colug-432 at colug.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the colug-432