Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked - UPDATE



no ... the hacker used a previously hacked developer's account and he used the fresh kernel bug to escalate to root privilege probably because he had no access from the developer's account..
Read the story on debian.org

David Taylor wrote:
Curious why Secunia is rating this as 'less critical'.  The way I see it,
this exploit could be integrated into the other exploits for mambo, joomla,
phpbb, etc.  Also, all of us that have websites hosted on linux machines
that have a vulnerable kernel could get root?

I'm thinking 'highly critical'?



On 7/13/06 4:24 PM, "Morning Wood" <se_cur_ity@xxxxxxxxxxx> wrote:

  
Debian Development Machine Hacked
http://lists.debian.org/debian-devel-announce/2006/07/msg00003.html
or
http://www.zone-h.org/content/view/13853/31/
      
Confirmed hacked by:
Linux Kernel PRCTL Core Dump Handling Privilege Escalation Vulnerability

http://www.debian.org/News/2006/20060713

or

http://www.zone-h.org/content/view/13853/31/  ( updated )

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
    


==================================================
David Taylor //Sr. Information Security Specialist
University of Pennsylvania Information Security
Philadelphia PA USA
(215) 898-1236
http://www.upenn.edu/computing/security/
==================================================

Penn Information Security RSS feed
http://www.upenn.edu/computing/security/rss/rssfeed.xml
Add link to your favorite RSS reader



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


__________ NOD32 1.1659 (20060713) Information __________

This message was checked by NOD32 antivirus system.
http://www.eset.com



  

begin:vcard
fn:Arnaud Dovi / Ind. Security Researcher
n:Dovi;Arnaud
email;internet:ad@xxxxxxxxxxxxxxxx
tel;work:Independent Security Researcher
version:2.1
end:vcard

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/