OpenVZ Forum: Devel » IMPORTANT: latest RHEL4 kernel has a root exploit!! (2.6.9-023stab016.2)

Home » Mailing lists » Devel » IMPORTANT: latest RHEL4 kernel has a root exploit!! (2.6.9-023stab016.2)

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: IMPORTANT: latest RHEL4 kernel has a root exploit!! (2.6.9-023stab016.2) [message #7373 is a reply to message #7368]

Thu, 12 October 2006 09:32

Mishin Dmitry
Messages: 112
Registered: February 2006

Senior Member

Hi, Avi!

Sorry for long delay, new 2.6.9-based kernels are uploaded:
http://download.openvz.org/kernel/rhel4/023stab030.1/

On Thursday 12 October 2006 05:47, Avi Brender wrote:
> Hi,
>
> The latest RHEL4 kernel for OpenVZ ((2.6.9-023stab016.2) available at
> http://openvz.org/download/kernel/rhel4/ is vulnerable to the PRCTL
> exploit: http://isc.sans.org/diary.php?storyid=1482
>
> example session of "nobody" running the exploit and getting a root shell:
>
> [root@mailin-02node tmp]# uname -a
> Linux mailin-02node.elitehosts.com 2.6.9-023stab016.2 #1 Thu Aug 10
> 23:39:42 MSD 2006 i686 i686 i386 GNU/Linux
> [root@mailin-02node tmp]# su nobody
> bash-3.00$ ls -ld 05
> -rwxr-xr-x 1 nobody nobody 13298 Oct 11 21:42 05
> bash-3.00$ ./05
>
> prctl() suidsafe exploit
>
> (C) Julien TINNES
>
> [+] Installed signal handler
> [+] We are suidsafe dumpable!
> [+] Malicious string forged
> [+] Segfaulting child
> [+] Waiting for exploit to succeed (~26 seconds)
> [+] getting root shell
> sh-3.00# whoami
> root
> sh-3.00# uname -a
> Linux mailin-02node.elitehosts.com 2.6.9-023stab016.2 #1 Thu Aug 10
> 23:41:42 MSD 2006 i686 i686 i386 GNU/Linux
> sh-3.00#
>
> ---------------------------
> Avi Brender
> abrender@elitehosts.com
> Elite Hosts, Inc
> -------------------------------------------------------
> WARNING !!! This email message is for the sole use of the intended
> recipient(s) and may contain confidential and privileged information. Any
> unauthorized review; use, disclosure or distribution is prohibited, and
> could result in criminal prosecution. If you are not the intended
> recipient, please contact the sender by reply email and destroy all copies
> of the original message. This message is private and is considered a
> confidential exchange - public disclosure of this electronic message or its
> contents are prohibited.
> ----------------------

--
Thanks,
Dmitry.

Report message to a moderator

[Message index]

		IMPORTANT: latest RHEL4 kernel has a root exploit!! (2.6.9-023stab016.2) By: Avi Brender on Thu, 12 October 2006 01:47
		Re: IMPORTANT: latest RHEL4 kernel has a root exploit!! (2.6.9-023stab016.2) By: Mishin Dmitry on Thu, 12 October 2006 09:32

Previous Topic:	Re: [RFC][PATCH] EXT3: problem with page fault inside a transaction
Next Topic:	Re: IMPORTANT: latest RHEL4 kernel has a root exploit!! (2.6.9-023stab016.2)

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Wed Oct 15 12:31:23 GMT 2025

Total time taken to generate the page: 0.27395 seconds