Hi,
mnordhoff:
Thanks for the heads up. I have checked on the security issue relating to kernel version 2.6.39.
-----
Vulnerability Summary for CVE-2012-0056
The mem_write function in Linux kernel 2.6.39 and other versions, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory
-----
I have also run the exploit (mempodipper)-
http://blog.zx2c4.com/749 on my linodes with a normal login account and did not gain root shell.
----
pentester@mercury:~$ whoami && id
pentester
uid=1012(pentester) gid=1011(pentester) groups=1011(pentester)
pentester@mercury:~$ ./mempodipper
===============================
= Mempodipper =
= by zx2c4 =
= Jan 21, 2012 =
===============================
[+] Waiting for transferred fd in parent.
[+] Executing child from child fork.
[+] Received fd at -1.
[-] recv_fd: Address already in use
pentester@mercury:~$ [+] Opening parent mem /proc/11146/mem in child.
[-] open: No such file or directory
pentester@mercury:~$ whoami && id
pentester
uid=1012(pentester) gid=1011(pentester) groups=1011(pentester)
----
Confirmed this vulnerability on Debian -
http://security-tracker.debian.org/trac ... -2012-0056 (linux-2.6 source squeeze (not affected) )
----
pentester@mercury:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 6.0.5 (squeeze)
Release: 6.0.5
Codename: squeeze
----
This raises lower concerns for now, as it's only locally exploitable and I am the only user with shell access; non-login and system accounts are properly secured. I have additional security measures with filesystem quotas, shell limits, and OSSEC HIDS (syscheck, rootkit detection, file changes, log monitoring, alerts and responses). I am actively looking into the security of my linodes with nmap and Nessus scans.
theckman:
Thanks, I am considering using newer kernels when I order new linodes.
