[EDB] Linux Zero Day Found - Overclock.net - An Overclocking Community

Forum Jump: 

[EDB] Linux Zero Day Found

Reply
 
Thread Tools
post #1 of 17 (permalink) Old 09-20-2010, 04:42 PM - Thread Starter
New to Overclock.net
 
ionstorm66's Avatar
 
Join Date: May 2009
Location: Florida Keys/Maui
Posts: 1,017
Rep: 55 (Unique: 51)
A zero day bug has been found in the linux kernal, that lets anyone who has access to the server to get root permissions. The bug has been in the kernal for 2 years now. There is no official patch yet.

http://www.exploit-db.com/exploits/15024/

ionstorm66 is offline  
Sponsored Links
Advertisement
 
post #2 of 17 (permalink) Old 09-20-2010, 04:42 PM
New to Overclock.net
 
nathris's Avatar
 
Join Date: Sep 2007
Location: Victoria, BC
Posts: 12,988
Rep: 1004 (Unique: 746)
I'm sure it will be patched in a matter of hours.

Scary though.

Quote:
Originally Posted by Miki
You have to work a lot harder at customizing an iPhone. I'm never going back. Ever.


nathris is offline  
post #3 of 17 (permalink) Old 09-20-2010, 04:44 PM
New to Overclock.net
 
Nooooob's Avatar
 
Join Date: Aug 2010
Location: New York
Posts: 1,190
Rep: 34 (Unique: 33)
Let's all PANIC!

Nooooob is offline  
Sponsored Links
Advertisement
 
post #4 of 17 (permalink) Old 09-20-2010, 04:44 PM
New to Overclock.net
 
cubanresourceful's Avatar
 
Join Date: Jun 2008
Location: Florida
Posts: 2,384
Rep: 101 (Unique: 94)
Quote:
Originally Posted by Nooooob View Post
Let's all PANIC!
Kernal panic?

I'm Mike D. and I get respect, your cash and your jewelry is what I expect.

My Car: '02 Pewter Chevrolet Camaro 3.8L V6 - January 2, 2012: 150,000mi

Please JOIN: THE CHEVY Owners CLUB!!!
Please JOIN: The Mercedes-Benz Owners Club!

cubanresourceful is offline  
post #5 of 17 (permalink) Old 09-20-2010, 04:47 PM
New to Overclock.net
 
Join Date: Jul 2008
Posts: 1,652
Rep: 56 (Unique: 53)
Quote:
Originally Posted by cubanresourceful View Post
Kernal panic?
Kernel Sanders!

Tempest001 is offline  
post #6 of 17 (permalink) Old 09-20-2010, 04:49 PM
 
Join Date: Jul 2009
Location: Boynton Beach, FL
Posts: 3,748
Quote:
Originally Posted by Tempest001 View Post
Kernel Sanders!
Colonel*
F1ForFrags is offline  
post #7 of 17 (permalink) Old 09-20-2010, 04:49 PM
New to Overclock.net
 
dracotonisamond's Avatar
 
Join Date: Apr 2009
Location: California
Posts: 2,850
Rep: 123 (Unique: 113)
this is old news to me... a few buds of mine have known about this for a while.
dracotonisamond is offline  
post #8 of 17 (permalink) Old 09-20-2010, 04:59 PM
New to Overclock.net
 
adramalech707's Avatar
 
Join Date: Feb 2008
Location: Rancho Cordova, California
Posts: 812
Rep: 55 (Unique: 52)
I remember vaguely about two years ago. Someone said that Linus was working on a patch to apply to the git dev kernel, but I guess it got pushed off. There are a couple work-arounds from what I have heard to make sure that this doesn't happen. It would be nice to not have to worry. I feel sorry for all those lamp servers out there.

But really, the only way this can be exploited is either by a user on the inside or someone on the outside getting someones username and password, which usually are firewalled like crazy on big servers.

i7 860 @ 4GHz proof.gif
guide to installing gentoo 32bit & 64bit

Quote:
Originally Posted by AtomicFrost go_quote.gif
Silverlight and HTML 5 video implementations don't run on magical unicorn CPU cycles. You can't get something for nothing.


adramalech707 is offline  
post #9 of 17 (permalink) Old 09-20-2010, 05:03 PM
New to Overclock.net
 
lattyware's Avatar
 
Join Date: Feb 2007
Location: Leicester, England
Posts: 4,447
Rep: 393 (Unique: 299)
Quote:
Originally Posted by ionstorm66 View Post
A zero day bug has been found in the linux kernal, that lets anyone who has access to the server to get root permissions. The bug has been in the kernal for 2 years now. There is no official patch yet.

http://www.exploit-db.com/exploits/15024/
It's been patched for a while:

http://www.h-online.com/open/news/it...s-1082415.html

This was originally a problem in 2007, it got quickly patched, but then later got reverted by accident, no one noticed til now. It happens. The good thing is there is a quick patch and it's fixed.

Lattyware | Main PC: Shinobu | Gaming: Nodoka | Fileserver: Index | HTPC: Hanako
Never been convinced by Linux? Here is a challenge. | Using LVM
Scratched Disc? | Guide To LAN Parties | Writing a GUI application in Python/Glade
Etching an image into your case. | Wireless Access Points: Easy wireless networking.
A Member Of The OCN Anime/Manga Club
"I disapprove of what you say, but I will defend to the death your right to say it." --Evelyn Beatrice Hall
lattyware is offline  
post #10 of 17 (permalink) Old 09-20-2010, 06:03 PM
New to Overclock.net
 
Join Date: Nov 2008
Posts: 2,225
Rep: 148 (Unique: 128)
Quote:
Originally Posted by Tempest001 View Post
Kernel Sanders!
Kernel Klink

Sergeant Shultz says. I see NOTHING. I hear NOTHING!!

There's what. A 1000 eyes on the linux kernel day after day. All thinking and wondering different things. Poor bugs don't stand a chance.

Hephasteus is offline  
Reply

Quick Reply
Message:
Options

Register Now

In order to be able to post messages on the Overclock.net - An Overclocking Community forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.
User Name:
If you do not want to register, fill this field only and the name will be used as user name for your post.
Password
Please enter a password for your user account. Note that passwords are case-sensitive.
Password:
Confirm Password:
Email Address
Please enter a valid email address for yourself.
Email Address:

Log-in



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page


Forum Jump: 

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off