[colug-432] New root exploit code for CentOS

Neal Dias roman at ensecure.org
Tue May 14 13:00:41 EDT 2013

Not sure what is interesting about the ability to disable SELinux; you have
root, game over.

RHEL 5 is not affected, RHEL 6 is, updated packages still in-process.


On Tue, May 14, 2013 at 12:33 PM, Joshua Kramer <joskra42.list at gmail.com>wrote:

> Hello,
> I recently saw this:
> https://www.centos.org/modules/newbb/viewtopic.php?topic_id=42827&forum=59
> Given a command prompt, download this exploit, compile it, run it... and
> you suddenly have root.  What is interesting about this is, as soon as you
> have root, you can disable SELinux.
> Apparently it can be mitigated using this kernel module:
> http://elrepo.org/tiki/kmod-tpe
> I spun up a test VM and tested this - it works!  What would be interesting
> is doing some investigation to see if SELinux could prevent damage if this
> code was run from a malicious web app instead of the command prompt.
> Also, I wonder if this works on Scientific Linux and other RHEL
> derivatives, or RHEL itself?
> Cheers,
> -JK
> _______________________________________________
> colug-432 mailing list
> colug-432 at colug.net
> http://lists.colug.net/mailman/listinfo/colug-432
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.colug.net/pipermail/colug-432/attachments/20130514/dcf38070/attachment.html 

More information about the colug-432 mailing list