From: Leonardo Eloy (leonardo@morphus.com.br)
Date: Tue Jan 18 2005 - 09:17:46 EST
Hi list,
It's known that the Linux kernel has multiple vulnerabilities (I
counted 22 just this month, listed below). In the audits I've been
participating I turned my main test point to the Linux Kernel, when
local user privilege has been achieved.
I was wondering, how many of you do really use these vulnerabilities
when doing pen tests?
List of known kernel vulnerabilites in January/2005 (soruce:
securityfocus.com):
2005-01-14: Linux Kernel SMBFS Multiple Remote Vulnerabilities
2005-01-14: Linux Kernel Multiple Local MOXA Serial Driver Buffer
Overflow Vulnerabilities
2005-01-14: Linux Kernel ELF Binary Loading Denial Of Service
Vulnerability
2005-01-14: Linux Kernel IGMP Multiple Vulnerabilities
2005-01-14: Linux Kernel USB io_edgeport Driver Local Integer
Overflow Vulnerability
2005-01-14: Linux Kernel SCM_SEND Local Denial of Service Vulnerability
2005-01-14: Linux Kernel EXT3 File System Information Leakage
Vulnerability
2005-01-14: Linux Kernel BINFMT_ELF Loader Local Privilege
Escalation Vulnerabilities
2005-01-14: Linux Kernel AF_UNIX Arbitrary Kernel Memory
Modification Vulnerability
2005-01-14: Linux Kernel USB Driver Uninitialized Structure
Information Disclosure Vulnerability
2005-01-13: Linux Kernel User Triggerable BUG() Unspecified Local
Denial of Service Vulnerability
2005-01-13: Linux Kernel Local Denial Of Service And Memory
Disclosure Vulnerabilities
2005-01-13: Linux kernel Uselib() Local Privilege Escalation
Vulnerability
2005-01-11: Linux Kernel Multiple Unspecified Vulnerabilities
2005-01-11: Linux Kernel Local RLIMIT_MEMLOCK Bypass Denial Of
Service Vulnerability
2005-01-11: Linux Kernel SCSI IOCTL Integer Overflow Vulnerability
2005-01-11: Linux Kernel Random Poolsize SysCTL Handler Integer
Overflow Vulnerability
2005-01-11: Linux Security Modules Process Capabilities Design
Error Vulnerability
2005-01-05: Linux Kernel Local File Descriptor Passing Security
Module Bypass Vulnerability
2005-01-05: Linux Kernel SYSENTER Thread Information Pointer Local
Information Disclosure Vulnerability
2005-01-04: Linux Kernel Sock_DGram_SendMsg Local Denial Of Service
Vulnerability
2005-01-04: Linux Kernel Multiple Local Vulnerabilities
Regards,
-- Leonardo Eloy, LPIC-1, FCSE Security Analyst Morphus Tecnologia Fone/Fax: 85 3452.5733/5737 Móvel: 85 8802.6740 e-mail: leonardo@morphus.com.br site: http://www.morphus.com.br The information contained in this message and in the attached files are restricted, and its confidentiality protected by law. In case you are not the addressee, be aware that the reading, spreading and copy of this message is unauthorized. Please, delete this message and notify the sender. The improper use of this information will be treated according the company's internal rules and legal laws.
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:14 EDT