Does anyone know if you require sudo enabled in order to run the exploit?
On Wed, February 13, 2008 9:57 am, FRLinux wrote:
> On Feb 13, 2008 9:37 AM, Rob Gallagher <rob.gallagher at gmail.com> wrote:
>> vmsplice() has cause several vulnerabilities recently, and it's
>> trivial to exploit:
>> Quickest way to immune a system while you are fixing it is disabling
> shell access to users. Be also aware that web/cgi applications can
> technically be also vulnerable to this if crappy code such as php's
> system call is invoked in a badly scripted page (never happens, right
> ?)
>> My 2 bytes,
> Steph
> --
> Irish Linux Users' Group mailing list
> About this list : http://mail.linux.ie/mailman/listinfo/ilug> Who we are : http://www.linux.ie/> Where we are : http://www.linux.ie/map/>
--
David Howe
Managing Director
Howe Systems Limited
Tel: +353 402 93030
Mob: +353 86 173 1754
Registered Address: Rock Big, Arklow, County Wicklow
Place of Registration: Dublin, Ireland.
Company Registration Number:399359
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
