[NBLUG/talk] local root exploit, no vendor patches available at the moment

error error at sonic.net
Tue Mar 2 01:45:01 PST 2004


Hey everyone,

This is a pretty amazing in the "real real bad" department.

http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt


The exploit in that advisory is simple to use, script kiddies be damned.

Pretty much every (2.4.x,2.6.x) box on the net with local user access
can be rooted.

I forwarded this along so that wonder how hard it is to exploit a box
(getting root locally), can see this in the real world.

It was posted to bugtraq and it's in the wild.

Anyone have any suggestions for patches to fix this (kernel land
obviously)?

Ta ta,
-- 
error <error at sonic.net>




More information about the talk mailing list