CVE-2008-0600

Related Files

sara-malware.tar.gz

Posted Feb 20, 2008

Authored by si0ux security

SARA Malware that exploits the vmsplice bug in the Linux kernel. Affects kernel versions 2.6.17 through 2.6.24.1. Successful exploitation allows the disabling of INPUT rules on the firewall, opens TCP port 1407 for execution of remote commands, and more.

tags | exploit, remote, kernel, tcp

systems | linux

advisories | CVE-2008-0600

SHA-256 | 13a1429b254b235cd35bb2ba6d42f62816ef074799e92cf199b306ba57d0309f

Download | Favorite | View

Debian Linux Security Advisory 1494-2

Posted Feb 13, 2008

Authored by Debian | Site debian.org

Debian Security Advisory 1494-2 - The vmsplice system call did not properly verify address arguments passed by user space processes, which allowed local attackers to overwrite arbitrary kernel memory, gaining root privileges. In the vserver-enabled kernels, a missing access check on certain symlinks in /proc enabled local attackers to access resources in other vservers.

tags | advisory, arbitrary, kernel, local, root

systems | linux, debian

advisories | CVE-2008-0010, CVE-2008-0163, CVE-2008-0600

SHA-256 | 34b719d3875c967855d387fd2b1f6c6924524020e468be586fbfcf5abcaffc62

Download | Favorite | View

Ubuntu Security Notice 577-1

Posted Feb 12, 2008

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 577-1 - Wojciech Purczynski discovered that the vmsplice system call did not properly perform verification of user-memory pointers. A local attacker could exploit this to overwrite arbitrary kernel memory and gain root privileges.

tags | advisory, arbitrary, kernel, local, root

systems | linux, ubuntu

advisories | CVE-2008-0600

SHA-256 | c3097de3abfb7924d2558c14687527f7f3e24c385dfac514b18b0843fe5d9eff

Download | Favorite | View

Mandriva Linux Security Advisory 2008-044

Posted Feb 12, 2008

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Various local denial of service and privilege escalation vulnerabilities have been added for the Linux 2.6 kernel package.

tags | advisory, denial of service, kernel, local, vulnerability

systems | linux, mandriva

advisories | CVE-2007-5500, CVE-2007-5501, CVE-2007-6206, CVE-2008-0001, CVE-2008-0007, CVE-2008-0600

SHA-256 | 15110333a170cf683e179d93999a7af19fc080a86fb4507d86be6f743bbbae3c

Download | Favorite | View

Mandriva Linux Security Advisory 2008-043

Posted Feb 12, 2008

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A flaw in the vmsplice system call did not properly verify address arguments passed by user-space processes, which allowed local attackers to overwrite arbitrary kernel memory and gain root privileges. Mandriva urges all users to upgrade to these new kernels immediately as this flaw is being actively exploited. This issue only affects 2.6.17 and newer Linux kernels, so neither Corporate 3.0 nor Corporate 4.0 are affected.

tags | advisory, arbitrary, kernel, local, root

systems | linux, mandriva

advisories | CVE-2008-0600

SHA-256 | 9bd3bb51b8241006cbb0fe04e1276bc890793ba7fce3fc86bc75440386aace87

Download | Favorite | View

Debian Linux Security Advisory 1494-1

Posted Feb 11, 2008

Authored by Debian | Site debian.org

Debian Security Advisory 1494-1 - The vmsplice system call did not properly verify address arguments passed by user space processes, which allowed local attackers to overwrite arbitrary kernel memory, gaining root privileges. In the vserver-enabled kernels, a missing access check on certain symlinks in /proc enabled local attackers to access resources in other vservers.

tags | advisory, arbitrary, kernel, local, root

systems | linux, debian

advisories | CVE-2008-0010, CVE-2008-0600, CVE-2008-0163

SHA-256 | dca93886f4927b2832e7fab1161ee721a75920d9083dc86b3ed21e246e5cb727

Download | Favorite | View