On Wed, Feb 4, 2015 at 8:43 PM, Warren Young <w...@etr-usa.com> wrote:
>> On Feb 4, 2015, at 7:23 PM, Les Mikesell <lesmikes...@gmail.com> wrote:
>>
>> On Wed, Feb 4, 2015 at 6:32 PM, Warren Young <w...@etr-usa.com> wrote:
>>>
>>> An LPE can only be used against your system by logged-in users.
>>
>> Or any running program - like a web server.
>
> That’s not what LPE means. “L” = “local”, meaning you are logged-in
> interactively to the server, or have the ability to execute arbitrary
> commands remotely, which comes to the same thing.
>
> The only way Apache can be used in conjunction with an LPE to provide root
> access is via something like Shellshock.

The instance I saw used a Java web server, but server bugs that allow execution of arbitrary commands have been fairly numerous - Shellshock might have worked too. And that's all you need to turn what you thought was a local vulnerability into a remote one.

--
Les Mikesell
lesmikes...@gmail.com