Linux Kernel Exploit Busily Rooting 64-Bit Machines
http://a.fsdn.com/sd/topics/topicslashdot.gif
http://rss.slashdot.org/Slashdot/slashdotLinux
An anonymous reader writes “Running 64-bit Linux? Haven’t updated yet? You’re probably being rooted as I type this. CVE-2010-3081, this week’s second high-profile local root exploit in the Linux kernel, is compromising machines left and right. Almost all 64-bit machines are affected, and ‘Ac1db1tch3z’ (classy) published code to let any local user get a root shell. Ac1db1tch3z’s exploit is more malicious than usual because it leaves a backdoor behind for itself to exploit later even if the hole is patched. Luckily, there’s a tool you can run to see if you’ve… Continue reading
Hole In Linux Kernel Provides Root Rights
http://a.fsdn.com/sd/topics/topicslashdot.gif
http://rss.slashdot.org/Slashdot/slashdotLinux
oztiks writes with this excerpt from The H:
“A vulnerability in the 32-bit compatibility mode of the current Linux kernel (and previous versions) for 64-bit systems can be exploited to escalate privileges. For instance, attackers can break into a system and exploit a hole in the web server to get complete root (also known as superuser) rights or permissions for a victim’s system. According to a report, the problem occurs because the 32-bit call emulation layer does not check whether the call is truly in the Syscall table. Ben Hawkes, who… Continue reading