Root exploit in the wild
lowen at pari.edu
Mon Feb 11 14:55:58 UTC 2008
On Sunday 10 February 2008, Frank Cox wrote:
Hmm. I wonder if this is how the recent apache hosted servers were rooted
remotely, even though the official explanation was password compromise.
While this particular issue is a local exploit, if you can get code to run on
the box as some user local to that box then you could get a remote exploit
through this local one.
Any local exploit can easily become a remote exploit if script injection into
rich app servers is possible.
Thanks for posting.
More information about the fedora-list