------------------------------------------------------------------------ Local Root Exploit in Linux 2.6.13 to 2.6.17.3 http://nic.phys.ethz.ch/news/1152791277
As Paul Starzetz [1]recently noted on Full Disclosure, the vulnerability [2]CVE-2006-2451 / [3]BID 18874 in the [4]Linux Kernel 2.6.13 up to 2.6.17.3 and 2.6.16.23 is not only a [5]Denial of Service vulnerability as [6]described in some advisories, but can also be used to get root access as a normal local user (and via SSH of course also remotely). The vulnerability has been fixed in kernel versions [7]2.6.17.4 and [8]2.6.16.24, but an easy to understand [9]exploit has been posted to the security mailing list Bugtraq, so it won't take long until script kiddies will try to use it where ever they can.
So if you run one or more boxes with Linux Kernel 2.6 in your group or institute which is not managed by us, please upgrade the kernel as soon as possible to prevent hostile take-overs of these boxes. Most of the workstations managed by [10]us still run Linux Kernel 2.4 which is not affected and those which run Linux Kernel 2.6 have been already updated.
References
1. http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047762.html 2. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2451 3. http://www.securityfocus.com/bid/18874 4. http://www.kernel.org/ 5. http://en.wikipedia.org/wiki/Denial-of-service_attack 6. http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047726.html 7. http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.4 8. http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.24 9. http://www.securityfocus.com/archive/1/439869 10. http://nic.phys.ethz.ch/contact/
------------------------------------------------------------------------ ISG News Mailinglist Go to https://webmail.phys.ethz.ch/mailman/listinfo/isg-news to unsubscribe or change your settings.
ISG Department Physik isg@phys.ethz.ch