Close Panel

2

Sep

2009

All Linux Kernel Are Targeted

By IPSECS Admin. Posted in Exploitation | No Comments »

Yupe, that’s true when sock_sendpage() is discovered to be vulnerable by Tavis Ormandy and Julien Tinnes. The function is vulnerable to NULL pointer dereference that can be exploited to escalate priviledge to be root. Most of linux kernel are reported to be vulnerable. Exploit to take advantage of this flaw has been developed and spreaded freely on internet. The exploit can be used to bypass security restriction like SElinux.

http://milw0rm.com/exploits/9435 – the first written exploit by spender of gresecurity
http://milw0rm.com/exploits/9436 – another exploit taken from www.frasunek.com
http://milw0rm.com/exploits/9479 – another exploit from p0c73n1
http://milw0rm.com/exploits/9545 – another exploit written by Ramon de Carvalho Valle of risesecurity

Download the exploit, compile and execute! BOOMMM It’s root! Finally, this post is a little bit late :D .

is
Email this author | All posts by | Subscribe to Entries (RSS)

 

» Comments are closed.