Local Root Exploit in Multiple Versions of Linux Kernels
All security websites are reporting that there is a script that will allow non-root users with ssh2 access to obtain full access to the system.
http://www.securityfocus.com/bid/27704/info
http://it.slashdot.org/it/08/02/10/2011257.shtml
All our servers were patched this morning and restarted. According to Redhat bugzilla, it only affected servers running Redhat 5. Servers on Redhat 4 were not affected.
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-0600
This is considered a very severe exploit.
If you have other servers and want to check if you're vulnerable, do the following in shell:
grep -ri vmsplice /boot/System.map-$(uname -r)
if it returns nothing = not vulnerable
if it returns something like: c048fdf7 T sys_vmsplice = vulnerable
Kevin Liang
CTO / SEO Guru
Canadian Web Hosting
http://www.canadianwebhosting.com/
Subscribe
Categories
Hosting Services
Recent Posts
- Google Store View Coming Soon
- 10 Tips to Building and Structuring Inbound Links
- Google Rich Snippets to Include Events
- Google Olympic Page with Snow View
- Google Shortcut Search Commands
Recent Comments
- admin on Parked Domains, Sub Domains, Add-on Domains… What are they?
- Elaine on Parked Domains, Sub Domains, Add-on Domains… What are they?
- Dorothy Turcotte on 10 Tips to Building and Structuring Inbound Links
- Ryan on 10 Tips to Building and Structuring Inbound Links
- Randy on Installing Ruby on Rails in Cpanel
Archives
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- April 2009
- November 2008
- October 2008
- September 2008
- July 2008
- June 2008
- February 2008
- January 2008
- November 2007
- August 2007
- July 2007
- June 2007