da-adv-01202007.txt

Digital Armaments advisory is 01.20.2007 http://www.digitalarmaments.com/2007200184936274.html I. Background grsecurity is an innovative approach to security utilizing a multi-layered detection, prevention, and containment model. It is licensed under the GPL. For further information or detail abo...

grsecurity privilege escalation

Privilege escalation with expandstack...

Grsecurity Kernel PaX本地特权提升漏洞

Grsecurity Kernel PAX是一款Linux操作系统的内核安全加强补丁。 Grsecurity补丁中的expandstack存在未明错误，本地攻击者可以利用漏洞提升特权。 目前没有详细漏洞细节提供。 grsecurity grsecurity Kernel Patch 2.1.8 grsecurity grsecurity Kernel Patch 2.1.7 grsecurity grsecurity Kernel Patch 2.1.6 grsecurity grsecurity Kernel Patch 2.1.5 grsecurity grsecurity Kern...

CVE-2007-0253

Unspecified vulnerability in the grsecurity patch has unspecified impact and remote attack vectors, a different vulnerability than the expandstack vulnerability from the Digital Armaments 20070110 pre-advisory. NOTE: the grsecurity developer has disputed this issue, stating that "the function the...

CVE-2007-0257

Unspecified vulnerability in the expandstack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has...

Grsecurity内核PaX本地权限提升漏洞

Grsecurity Linux是一款开放源代码操作系统。 Grsecurity的expandstack函数实现上存在漏洞，本地攻击者可能利用此漏洞以root用户权限执行任意指令。 grsecurity grsecurity Kernel Patch = 2.1.8 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.grsecurity.net/...

Grsecurity Kernel PaX - Local Privilege Escalation

/ source: https://www.securityfocus.com/bid/22014/info Grsecurity Kernel PaX is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to obtain superuser privileges. A successful attack can result in the complete compromise of the affected computer. NOTE: The...