Linux Kernel < 2.6.19 'udp_sendmsg' Local Privilege Escalatio
Reporter | Title | Published | Views | Family All 99 |
---|---|---|---|---|
Tenable Nessus | SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6453) | 24 Sep 200900:00 | – | nessus |
Tenable Nessus | SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6460) | 17 May 201200:00 | – | nessus |
Tenable Nessus | SuSE9 Security Update : Linux kernel (YOU Patch Number 12487) | 24 Sep 200900:00 | – | nessus |
Tenable Nessus | Scientific Linux Security Update : kernel on SL3.x i386/x86_64 | 1 Aug 201200:00 | – | nessus |
Tenable Nessus | Oracle Linux 3 : kernel (ELSA-2009-1233) | 12 Jul 201300:00 | – | nessus |
Tenable Nessus | CentOS 3 : kernel (CESA-2009:1233) | 31 Aug 200900:00 | – | nessus |
Tenable Nessus | RHEL 5 : kernel (RHSA-2009:1222) | 25 Aug 200900:00 | – | nessus |
Tenable Nessus | Scientific Linux Security Update : kernel on SL5.x i386/x86_64 | 1 Aug 201200:00 | – | nessus |
Tenable Nessus | CentOS 5 : kernel (CESA-2009:1222) | 6 Jan 201000:00 | – | nessus |
Tenable Nessus | Oracle Linux 4 : kernel (ELSA-2009-1223) | 12 Jul 201300:00 | – | nessus |
/* second verse, same as the first
CVE-2009-2698 udp_sendmsg(), x86/x64
Cheers to Julien/Tavis for the bug, p0c73n1 for just throwing code at
NULL and finding it executed
This exploit is a bit more nuanced and thoughtful ;)
use ./therebel.sh for everything
At this moment, when each of us must fit an arrow to his bow and
enter the lists anew, to reconquer, within history and in spite of it,
that which he owns already, the thin yield of his fields, the brief
love of the earth, at this moment when at last a man is born, it is
time to forsake our age and its adolescent furies. The bow bends;
the wood complains. At the moment of supreme tension, there will
leap into flight an unswerving arrow, a shaft that is inflexible and
free. -Camus
*/
main: http://grsecurity.net/~spender/therebel.tgz
back: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/9574.tgz (2009-therebel.tgz)
# milw0rm.com [2009-09-02]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo