Critical Linux Exploit in the Wild

If you run servers that provide shell accounts, it’s time to take some preventive measures. At least it is if you are running kernel versions 2.6.37 to 3.8.8, or if you are running RHEL 6 or a clone like CentOS, then the bug was backported to 2.6.32. I ran the exploit myself in a test environment, and it works exactly as expected. Log in as a normal user, compile 100 or so lines of C code, run the executable and you’ve got a root shell. Scary stuff if you manage public shell accounts.

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis