> Local Root Exploit under Fedora Core 4 (stable) Advisory > > Florian Strankowski > florian.s@xxxxxxxxxxxxxxxxx > www.bildunxxluecke.de/usr/florian/advisory/advisory-05-048.txt > > Vulnerable System : > > This vulnerability affects Fedora Core 4.0 (stable) with > the kernelversion 2.6.11-1.1369_FC4 #1 Thu Jun 2 22:53:35 EDT 2005 > (http://fedora.redhat.com) > > Vulnerability Title: > > pwned.c (originally and mods of it) > > > > Vulnerability discovery and development: > > Florian Strankowski discovered this Bug while trying to use > a standard sys_uselib for gaining root previlegies under > user enviroment in Fedora Core 4. > The Bug leads to a poc of gaining access to the /root directory > under the Fedora Core 4 System and maybe other ring-0 trees. > > Affected systems: > > - Fedora Core 4 (stable,maybe the following (not tested): testing 1, testing > 2, testing 3) > > Vendor notified: > > > Redhat Systems notified but did not publish fix To my knowledge the Red Hat Security Response Team received no notification of this issue. Please feel free to send all security related information to security@xxxxxxxxxxx The bug the attached exploit tries to leverage has been assigned the name CAN-2004-1235 by MITRE and to my knowledge has been fixed in the 2.6.11 kernel. Since Fedora Core 4 contains a variant of the 2.6.11 kernel it should not be affected. I did compile then run the exploit with no success. If an aspect of this bug has not been correctly fixed, please feel free to contact the Red Hat Security Response Team at the above address. Thanks, Josh -- Josh Bressers // Red Hat Security Response Team
