Revision as of 20:58, 7 March 2009 edit Intelmole (talk \| contribs) 42 edits m moved Vmsplice() exploit to Known Exploits of Computer Software: Move as discussed on vmsplice talk page: http://en.wikipedia.org/wiki/Talk:Vmsplice()_exploit ← Previous edit		Revision as of 21:12, 7 March 2009 edit undo Intelmole (talk \| contribs) 42 edits Added table of exploit details, reorganisation of table layout Next edit →
Line 1: The following is a list of known exploits of computer software ~~{{splitsections\|Known Exploits of Computer Software}}~~ =Operating Systems= ==Linux== ===vmsplice() exploit=== {\| border="1" \|+ vmsplice() exploit \| Program Affected \|\| Linux \|- \| Initial version affected \|\| 2.6.17 \|- \| Exploit fixed in version \|\| 2.6.24.2 \|} ~~{{lowercase}}~~ The '''vmsplice() local root exploit''' was a vulnerability in the [[Linux kernel]] that allowed a user with [[shell account\|shell access]] to mount a [[privilege escalation]] attack to gain [[root]] against a system running versions of the kernel later than 2.6.17.<ref name="Secunia">{{cite news \| first=Wojciech \| last=Purczynskiof \| coauthors= qaaz \| title= Linux Kernel "vmsplice()" System Call Vulnerabilities \| date=[[2008-02-11]] \| url =http://secunia.com/advisories/28835/ \| work =[[Secunia]] \| pages = \| accessdate = 2008-04-16 \| language = }}</ref><ref>{{cite news \| first= \| last=Dawson \| coauthors= \| title= Linux Kernel "vmsplice()" System Call Vulnerabilities \| date=[[2008-02-10]] \| publisher=[[SourceForge]] \| url =http://it.slashdot.org/article.pl?sid=08/02/10/2011257 \| work =[[Slashdot]] \| pages = \| accessdate = 2008-04-16 \| language = }}</ref> This remained unpatched for several days, but was fixed in kernel version 2.6.24.2. <ref name="Secunia"/> ==References== {{Reflist}} ~~{{linux-stub}}~~ ~~[[Category:Linux kernel]]~~

Vmsplice() local root exploit: Difference between revisions