Critical Linux Exploit in the WildMay 18, 2013, 16:00 (2 Talkback[s])
(Other stories by Anonymous)
If you run servers that provide shell accounts, it???s time to take some preventive measures. At least it is if you are running kernel versions 2.6.37 to 3.8.8, or if you are running RHEL 6 or a clone like CentOS, then the bug was backported to 2.6.32. I ran the exploit myself in a test environment, and it works exactly as expected. Log in as a normal user, compile 100 or so lines of C code, run the executable and you???ve got a root shell. Scary stuff if you manage public shell accounts.
0 Talkback[s] (click to add your comment)