New Linux Kernel vulnerability (local privelege escalation type) as of 07/20/2006

Alec§taar · 07-19-2006, 05:04 AM

Linux kernel PRCTL local privilege escalation

http://isc.sans.org/diary.php?storyid=1482

Might not sound like much, a LOCAL system privelege escalation... but, not when viewed in combination w/ the latest threats out there (called emailable, & IM'able messages when macro capable clients are used, imo)...

* Almost makes you wish you had an "AntiVirus" for Linux, eh?

APK

P.S.=> Oh, I'd wager there IS one, some antivirus for Linux... but how many Linux users assume there is nothing that can attack them in this manner/capacity?

I'd wager, most...

What I'd be worried about is a "blended-threat" that exploits this from your Linux software, & there is probably SOME that can be exploited thus!

Just like MS products have been via poisoned document macros & such...

If you run anything like that? Watch it... apk

07-19-2006, 05:04 AM	#1
Alec§taar Banned Join Date: May 2006 Location: Someone who's going to find NewTekie1 and teach him a lesson Posts: 3,380 (2.62/day) Thanks: 0 Thanked 101 Times in 101 Posts System Specs	New Linux Kernel vulnerability (local privelege escalation type) as of 07/20/2006 Linux kernel PRCTL local privilege escalation http://isc.sans.org/diary.php?storyid=1482 Might not sound like much, a LOCAL system privelege escalation... but, not when viewed in combination w/ the latest threats out there (called emailable, & IM'able messages when macro capable clients are used, imo)... * Almost makes you wish you had an "AntiVirus" for Linux, eh? APK P.S.=> Oh, I'd wager there IS one, some antivirus for Linux... but how many Linux users assume there is nothing that can attack them in this manner/capacity? I'd wager, most... What I'd be worried about is a "blended-threat" that exploits this from your Linux software, & there is probably SOME that can be exploited thus! Just like MS products have been via poisoned document macros & such... If you run anything like that? Watch it... apk

Processor:	DualCore AMD Athlon 64x2 4800+ (o/c 2801mhz STABLE (Ketxxx, POGE, Tatty One, ME))
Motherboard:	ASUS A8N-SLI Premium (PCIe x16, x4, x1)
Cooling:	PhaseChange Coolermaster CM754/939 (fan/heatsink), Thermalright heatspreaders + fan built on (RAM)
Memory:	512mb PC-3200 DDR400 (set DDR-33 for o/c) by Corsair (matched pair, 2x256mb) 200.1/200mhz
Video Card:	BFG GeForce 7900 GTX OC 512mb GDDR3 ram (o/c manually to 686 core/865 memory) - PhaseChange cooled
Harddisk:	Dual "Raptor X" 16mb 10krpm/RAID 0 Promise EX8350 x4 PCIe 128mb & Intel IO chip/CENATEK RocketDrive
CD/DVD Drive:	SONY DRU-810a Double-Sided DvD burner
CRT/LCD Model:	SONY 19" Trinitron MultiScan 400ps 1600x1200 75hz refresh 32-bit color
Case:	Antec Super-LanBoy (aluminum baby-tower w/ lower front & upper rear cooling exhaust fans)
Sound Card:	RealTek AC97 onboard mobo stereo sound (Altec Lansing ACS-45 speakers - 10 yrs. still running!)
PSU:	Antec 500w ATX 2.0 "SmartPower" powersupply
Software:	Windows Server 2003 SP #1 fully patched, & massively tuned/tweaked to-the-max (plus latest drivers)

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)