Home page logo

bugtraq logo Bugtraq mailing list archives

RE: [Full-disclosure] Linux kernel exploit
From: John Jacobs <flamdugen () hotmail com>
Date: Wed, 8 Dec 2010 11:58:58 -0600

I've included here a proof-of-concept local privilege escalation exploit
for Linux.  Please read the header for an explanation of what's going
on.  Without further ado, I present full-nelson.c:

Hello Dan, is this exploitation not mitigated by best practice 
defense-in-depth strategies such as preventing the CAP_SYS_MODULE 
capability or '/sbin/sysctl -w kernel.modules_disabled=1' respectively? 
 It seems it'd certainly stop the Econet/Acorn issue.

Curious to hear your input as I fear too many rely solely on errata updates and not a good defense-in-depth approach.

Happy hacking,

John Jacobs

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]