Full Disclosure: Re: Linux kernel exploit

Re: Linux kernel exploit

From: John Jacobs <flamdugen () hotmail com>
Date: Wed, 8 Dec 2010 11:58:58 -0600

I've included here a proof-of-concept local privilege escalation exploit
for Linux.  Please read the header for an explanation of what's going
on.  Without further ado, I present full-nelson.c:


Hello Dan, is this exploitation not mitigated by best practice 
defense-in-depth strategies such as preventing the CAP_SYS_MODULE 
capability or '/sbin/sysctl -w kernel.modules_disabled=1' respectively? 
 It seems it'd certainly stop the Econet/Acorn issue.

Curious to hear your input as I fear too many rely solely on errata updates and not a good defense-in-depth approach.

Happy hacking,
Dan


Cheers,
John Jacobs
                                          
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Re: Linux kernel exploit, (continued)
- Re: Linux kernel exploit coderman (Dec 07)
  - Re: Linux kernel exploit Rem7ter (Dec 08)
    - Re: Linux kernel exploit mezgani ali (Dec 08)
  - Re: Linux kernel exploit Thomas SOETE (Dec 08)
    - Re: Linux kernel exploit Dan Rosenberg (Dec 08)
    - Re: Linux kernel exploit nix (Dec 08)
- Re: Linux kernel exploit John Jacobs (Dec 08)
- Re: Linux kernel exploit Sherif Mousa (Dec 09)
- Re: Linux kernel exploit Kai (Dec 08)
  - Re: Linux kernel exploit Marcus Meissner (Dec 08)
  - Re: Linux kernel exploit niklas | brueckenschlaeger (Dec 08)
- Re: Linux kernel exploit Francisco J (Dec 13)
  - Re: Linux kernel exploit R0me0 *** (Dec 13)
- Re: Linux kernel exploit firebits (Dec 13)
  - Re: Linux kernel exploit Benji (Dec 13)
  - Re: Linux kernel exploit Ariel Biener (Dec 13)
    - Re: Linux kernel exploit Cal Leeming [Simplicity Media Ltd] (Dec 13)
(Thread continues...)