[ILUG] kernel security hole
David Howe
david.howe at howesystems.com
Wed Feb 13 10:48:11 GMT 2008
Does anyone know if you require sudo enabled in order to run the exploit?
On Wed, February 13, 2008 9:57 am, FRLinux wrote:
> On Feb 13, 2008 9:37 AM, Rob Gallagher <rob.gallagher at gmail.com> wrote:
>> vmsplice() has cause several vulnerabilities recently, and it's
>> trivial to exploit:
>
> Quickest way to immune a system while you are fixing it is disabling
> shell access to users. Be also aware that web/cgi applications can
> technically be also vulnerable to this if crappy code such as php's
> system call is invoked in a badly scripted page (never happens, right
> ?)
>
> My 2 bytes,
> Steph
> --
> Irish Linux Users' Group mailing list
> About this list : http://mail.linux.ie/mailman/listinfo/ilug
> Who we are : http://www.linux.ie/
> Where we are : http://www.linux.ie/map/
>
--
David Howe
Managing Director
Howe Systems Limited
Tel: +353 402 93030
Mob: +353 86 173 1754
Registered Address: Rock Big, Arklow, County Wicklow
Place of Registration: Dublin, Ireland.
Company Registration Number:399359
More information about the ILUG
mailing list