[ILUG] kernel security hole
FRLinux
frlinux at gmail.com
Wed Feb 13 09:57:23 GMT 2008
On Feb 13, 2008 9:37 AM, Rob Gallagher <rob.gallagher at gmail.com> wrote:
> vmsplice() has cause several vulnerabilities recently, and it's
> trivial to exploit:
Quickest way to immune a system while you are fixing it is disabling
shell access to users. Be also aware that web/cgi applications can
technically be also vulnerable to this if crappy code such as php's
system call is invoked in a badly scripted page (never happens, right
?)
My 2 bytes,
Steph
More information about the ILUG
mailing list