Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked - UPDATE



no ... the hacker used a previously hacked developer's account and he used the fresh kernel bug to escalate to root privilege probably because he had no access from the developer's account..
Read the story on debian.org

David Taylor wrote:
Curious why Secunia is rating this as 'less critical'.  The way I see it,
this exploit could be integrated into the other exploits for mambo, joomla,
phpbb, etc.  Also, all of us that have websites hosted on linux machines
that have a vulnerable kernel could get root?

I'm thinking 'highly critical'?



On 7/13/06 4:24 PM, "Morning Wood" <se_cur_ity@xxxxxxxxxxx> wrote:

  
Debian Development Machine Hacked
http://lists.debian.org/debian-devel-announce/2006/07/msg00003.html
or
http://www.zone-h.org/content/view/13853/31/
      
Confirmed hacked by:
Linux Kernel PRCTL Core Dump Handling Privilege Escalation Vulnerability

http://www.debian.org/News/2006/20060713

or

http://www.zone-h.org/content/view/13853/31/  ( updated )

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
    


==================================================
David Taylor //Sr. Information Security Specialist
University of Pennsylvania Information Security
Philadelphia PA USA
(215) 898-1236
http://www.upenn.edu/computing/security/
==================================================

Penn Information Security RSS feed
http://www.upenn.edu/computing/security/rss/rssfeed.xml
Add link to your favorite RSS reader



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


__________ NOD32 1.1659 (20060713) Information __________

This message was checked by NOD32 antivirus system.
http://www.eset.com



  

begin:vcard
fn:Arnaud Dovi / Ind. Security Researcher
n:Dovi;Arnaud
email;internet:ad@xxxxxxxxxxxxxxxx
tel;work:Independent Security Researcher
version:2.1
end:vcard

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

  • Re: [Full-disclosure] Fwd: ipv6 flaw (is bullshit)
    ... browser exploit hackers in the world, I do not do kernel bugs. ... If someone in Goatse Security were to be involved with the ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Fwd: ipv6 flaw (is bullshit)
    ... browser exploit hackers in the world, I do not do kernel bugs. ... If someone in Goatse Security were to be involved with the ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Fwd: ipv6 flaw (is bullshit)
    ... browser exploit hackers in the world, I do not do kernel bugs. ... If someone in Goatse Security were to be involved with the ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Another 0day to sell.
    ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ... Igor Marcel - Vugo Verbal Killer (VUGO) ... H2G-Labs Information Security - Information Security Consultant ...
    (Full-Disclosure)
  • Re: [Full-disclosure] NT4 worm
    ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ... University of Pennsylvania Information Security ... Penn Information Security RSS feed ...
    (Full-Disclosure)