Alec§taar
07-19-2006, 04:04 AM
Linux kernel PRCTL local privilege escalation
http://isc.sans.org/diary.php?storyid=1482
Might not sound like much, a LOCAL system privelege escalation... but, not when viewed in combination w/ the latest threats out there (called emailable, & IM'able messages when macro capable clients are used, imo)...
:(
* Almost makes you wish you had an "AntiVirus" for Linux, eh?
APK
P.S.=> Oh, I'd wager there IS one, some antivirus for Linux... but how many Linux users assume there is nothing that can attack them in this manner/capacity?
I'd wager, most...
What I'd be worried about is a "blended-threat" that exploits this from your Linux software, & there is probably SOME that can be exploited thus!
Just like MS products have been via poisoned document macros & such...
If you run anything like that? Watch it... apk
http://isc.sans.org/diary.php?storyid=1482
Might not sound like much, a LOCAL system privelege escalation... but, not when viewed in combination w/ the latest threats out there (called emailable, & IM'able messages when macro capable clients are used, imo)...
:(
* Almost makes you wish you had an "AntiVirus" for Linux, eh?
APK
P.S.=> Oh, I'd wager there IS one, some antivirus for Linux... but how many Linux users assume there is nothing that can attack them in this manner/capacity?
I'd wager, most...
What I'd be worried about is a "blended-threat" that exploits this from your Linux software, & there is probably SOME that can be exploited thus!
Just like MS products have been via poisoned document macros & such...
If you run anything like that? Watch it... apk