HackFest Series Root Buffer Overflow vmsplice() Example or Why Trust is So Important
Lisa Kachold
lisakachold at obnosis.com
Fri Nov 14 09:37:39 MST 2008
There is a common thinking error in Linux professionals today - "security holes are not really something to worry about - these 'exploits' can't REALLY be applied to threaten anyone - they are just reports of system updates".
Consider:
1) Do you trust your users? Any user account can deploy a root buffer overflow script.
2) Do you have SSH open to the world, yet are not sure your passwords don't appear in the dictionary attack lists to provide $badkitties a nice shell to buffer overflow your root (set up a rootkit and pwn your servers)?
3) Are your system patches up to date or did you simply do what everyone does and yum update at build?
http://www.milw0rm.com/exploits/5092 = Exploit script for obtaining root from a shell against a CVE CentOS/Red Hat vmsplice() system call in the 5 kernel.
Full example/description of the vmsplice (3 different buffer exploits), including most recent patches: https://bugzilla.redhat.com/show_bug.cgi?id=432251
Be afraid, be very afraid!
On Sarbanes-Oxley and PCI Compliant networks, ssh is not allowed without source and destination controls.
Obnosis.com | http://en.wiktionary.org/wiki/Citations:obnosis |
http://www.urbandictionary.com/define.php?term=obnosis (503)754-4452