[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked -UPDATE

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked -UPDATE
From: "Morning Wood" <se_cur_ity@xxxxxxxxxxx>
Date: Thu, 13 Jul 2006 15:05:40 -0700

David Taylor wrote:
Curious why Secunia is rating this as 'less critical'.  The way I see it,

this exploit could be integrated into the other exploits for mambo,joomla,

phpbb, etc.  Also, all of us that have websites hosted on linux machines
that have a vulnerable kernel could get root?

I'm thinking 'highly critical'?


considering the widespread use of that kernel,
yes

and yes, viable user=>root exploit can be obtained from a web app vuln. (hacking 101 here kids )

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked - UPDATE
  - From: David Taylor
- Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked - UPDATE
  - From: ad@xxxxxxxxxxxxxxxx

Prev by Date: Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked - UPDATE
Next by Date: Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked - UPDATE
Previous by thread: Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked - UPDATE
Next by thread: Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked - UPDATE
Index(es):
- Date
- Thread