Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked - UPDATE
- From: "ad@xxxxxxxxxxxxxxxx" <ad@xxxxxxxxxxxxxxxx>
- Date: Thu, 13 Jul 2006 23:50:17 +0200
|
no ... the hacker used a previously hacked developer's account and he
used the fresh kernel bug to escalate to root privilege probably
because he had no access from the developer's account.. Read the story on debian.org David Taylor wrote: Curious why Secunia is rating this as 'less critical'. The way I see it, this exploit could be integrated into the other exploits for mambo, joomla, phpbb, etc. Also, all of us that have websites hosted on linux machines that have a vulnerable kernel could get root? I'm thinking 'highly critical'? On 7/13/06 4:24 PM, "Morning Wood" <se_cur_ity@xxxxxxxxxxx> wrote:Debian Development Machine Hacked http://lists.debian.org/debian-devel-announce/2006/07/msg00003.html or http://www.zone-h.org/content/view/13853/31/Confirmed hacked by: Linux Kernel PRCTL Core Dump Handling Privilege Escalation Vulnerability http://www.debian.org/News/2006/20060713 or http://www.zone-h.org/content/view/13853/31/ ( updated ) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/================================================== David Taylor //Sr. Information Security Specialist University of Pennsylvania Information Security Philadelphia PA USA (215) 898-1236 http://www.upenn.edu/computing/security/ ================================================== Penn Information Security RSS feed http://www.upenn.edu/computing/security/rss/rssfeed.xml Add link to your favorite RSS reader _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ __________ NOD32 1.1659 (20060713) Information __________ This message was checked by NOD32 antivirus system. http://www.eset.com |
fn:Arnaud Dovi / Ind. Security Researcher
n:Dovi;Arnaud
email;internet:ad@xxxxxxxxxxxxxxxx
tel;work:Independent Security Researcher
version:2.1
end:vcard
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Follow-Ups:
- Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked -UPDATE
- From: Morning Wood
- Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked -UPDATE
- References:
- Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked - UPDATE
- From: David Taylor
- Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked - UPDATE
- Prev by Date: Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked - UPDATE
- Next by Date: Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked -UPDATE
- Previous by thread: Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked - UPDATE
- Next by thread: Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked -UPDATE
- Index(es):
Relevant Pages
|
