Root exploit in the wild

inode0 inode0 at
Mon Feb 11 15:08:00 UTC 2008

On Feb 11, 2008 8:55 AM, Lamar Owen <lowen at> wrote:
> On Sunday 10 February 2008, Frank Cox wrote:
> >
> Hmm.  I wonder if this is how the recent apache hosted servers were rooted
> remotely, even though the official explanation was password compromise.
> While this particular issue is a local exploit, if you can get code to run on
> the box as some user local to that box then you could get a remote exploit
> through this local one.
> Any local exploit can easily become a remote exploit if script injection into
> rich app servers is possible.

I'd be surprised if those systems were running kernels that are this new.


More information about the fedora-list mailing list