Critical Linux Exploit in the WildMay 18, 2013, 16:00 (2 Talkback[s])
(Other stories by Anonymous)
WEBINAR: On-demand Event
Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >
If you run servers that provide shell accounts, it???s time to take some preventive measures. At least it is if you are running kernel versions 2.6.37 to 3.8.8, or if you are running RHEL 6 or a clone like CentOS, then the bug was backported to 2.6.32. I ran the exploit myself in a test environment, and it works exactly as expected. Log in as a normal user, compile 100 or so lines of C code, run the executable and you???ve got a root shell. Scary stuff if you manage public shell accounts.
0 Talkback[s] (click to add your comment)