raz3k Posted March 7, 2008 Report Share Posted March 7, 2008 vulnerable kernels: 2.6.17 - 2.6.24.1POC:http://www.milw0rm.com/exploits/5092http://www.milw0rm.com/exploits/5093PATCH:http://sweon.net/wp-content/uploads/2008/02/vmsplice.patchpoate e de folos cuiva Quote Link to comment Share on other sites More sharing options...
Petzy Posted March 8, 2008 Report Share Posted March 8, 2008 vulnerable kernels: 2.6.17 - 2.6.24.1POC:http://www.milw0rm.com/exploits/5092http://www.milw0rm.com/exploits/5093PATCH:http://sweon.net/wp-content/uploads/2008/02/vmsplice.patchpoate e de folos cuiva ms Quote Link to comment Share on other sites More sharing options...
Grunt Posted March 10, 2008 Report Share Posted March 10, 2008 Din cate stiu eu, e patch-uit deja de vreo 2-3 saptamani... Quote Link to comment Share on other sites More sharing options...
moubik Posted March 10, 2008 Report Share Posted March 10, 2008 chestia tare e ca atunci cand a aparut aceste exploit, era valabil pe foarte multe distributii de linux cu update-urile la zi a fost un haos de toata frumusetea. Quote Link to comment Share on other sites More sharing options...
lesprojectman Posted March 10, 2008 Report Share Posted March 10, 2008 it`s working ! Quote Link to comment Share on other sites More sharing options...
raz3k Posted March 10, 2008 Author Report Share Posted March 10, 2008 pana cand face lumea patch la kernel sau update o sa tot mearga Quote Link to comment Share on other sites More sharing options...
aoreas Posted April 8, 2008 Report Share Posted April 8, 2008 deci nui place sa ma laud da ios mai prost ase zicetimi cum sal folosesc Quote Link to comment Share on other sites More sharing options...
~Xenoger Posted April 8, 2008 Report Share Posted April 8, 2008 deci nui place sa ma laud da ios mai prost ase zicetimi cum sal folosesc Este un exploit ce afecteaza Kerkenele 2.6.17 - 2.6.24.1 , de fapt Kernel = LINUX iar kernel + pache = distributie de linux .. in fine , in mare este un exploit. Ce face ? Daca intri pe o distributie linux care are un kernel dintre cele afectate iar tu ai drepturi doar de user atunci rulezi exploitul si vei avea drepturi de administrator adica root. Quote Link to comment Share on other sites More sharing options...
Guest Kenpachi Posted April 8, 2008 Report Share Posted April 8, 2008 gcc -o nume xploit.c -static -Wno-format./nume si ai rootmajoritatea administratorilor de servere au patchuit deja dar inca se gasesc destule vulnerabile .... tot ce este instalat peste 10 Februarie 2008 este patched si tot ce e 2007 in jos e vuln .(daca nu gresesc aplicarea patchului schimba si data de instalare/update a kernelului ... adica aia care apare la uname -a ... daca gresesc il rog pe moubik sa ma corecteze) Quote Link to comment Share on other sites More sharing options...
raz3k Posted April 9, 2008 Author Report Share Posted April 9, 2008 Da, are dreptate Kenpachi, in cazu unui Debian etch s-a schimbat si data kernelului. Quote Link to comment Share on other sites More sharing options...
