Linux Kernel Root Access Vulnerability Again
On 2007 vulnerability has been discovered in 64-bit Linux kernel system that allowed a local user to gain root privileges using unsafe broadcast 32-bit calls on all Linux kernel. This bug was fixed after a while.
Ben Hawkes is the researcher who firstly discovered this problem and has made a small modification in the same exploit code to make Linux kernel vulnerable again. Ben has tested the exploit on all 64 bit Linux-kernels.
Now if you have a Linux server in your organization you are invited to update Linux Kernel as soon as possible or to disable the shell access on the Linux server to be sure that you are protected against this bug.
RedHat announced that there kernel is not vulnerable in RHEL 3, 4 , 5 and CentOS distributions. While you can find vulnerabilities fix in other popular Linux-distributions Ubuntu, Slackware, Gentoo, Mandriva, openSUSE, Fedora and Debian. The testing exploit for the vulnerability can be found here.
make sure you subscribe to my RSS feed!