Root exploit in the wild
Michael A. Peters
mpeters at mac.com
Mon Feb 11 11:31:30 UTC 2008
Valent Turkovic wrote:
> Frank Cox wrote:
>> https://bugzilla.redhat.com/show_bug.cgi?id=432229
>>
>> Mentioned on Slashdot here:
>>
>> http://it.slashdot.org/article.pl?sid=08/02/10/2011257
>>
>> Centos bug report here:
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=432251
>>
>
> Is my CentOS box with kenel 2.6.18-53.1.4.el5 vulnerable?
>
> Valent
>
Yes. I tested it on both i386 and x86_64
Actually I tested 2.6.18-53.1.6.el5 but I have no doubt it would work in
the 53.1.4 kernel.
On i386 - first attempt failed with a message "wtf" but second (w/o
recompiling) attempt worked.
On x86_64 - I'm not sure why but I had to alter the exploit code to
#define PAGE_SIZE 4096
to get it to compile, but once compiled, it worked perfectly.
More information about the fedora-list
mailing list