Re: some new remote exploit?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Mon, 7 Apr 2003 17:44:17 +0300 (EEST)
Tarhon-Onu Victor <mituc@xxxxxxxxxxxxxx> wrote:

> 	Both kernel versions are vulnerable to ptrace exploit (localy) 
> (you said you-re running a free webmail, this mean cgi/php/whatever). 
> Both kernels may not have been patched against NIC drivers problem which
> is possible remotely exploatable.

While it is likely that some shell commands can be run through php, this
is only true for the web server box. And i've seen what appears to be the
same thing on the mailserver box more than two hours before it happened on
the web server.

NIC padding ... well if i understand that problem correctly, it would only
allow an attacker to read certain parts of memory that happens to be sent
out with certain packets. But both these boxen are behind a ipchains
firewall that does masq & vlan & some filtering, so i find that unlikely

More ideas? :)


Jure Pecar

Redhat-devel-list mailing list

[Index of Archives]     [Kernel Newbies]     [Red Hat General]     [Fedora]     [Red Hat Install]     [Linux Kernel Development]     [Yosemite News]

  Powered by Linux