Get Paid to Participate - up to $1 per post!     Twitter     Facebook     Google+
Hosting Discussion
 

Hosting Discussion > Web Hosting Forums > Hardware and Server Configuration > Centos 6 / Rhel 6 == Security hole -- Privledge esclation (CVE-2012-0056)
forgot password?



Reply


Old
  Post #1 (permalink)   01-24-2012, 03:34 PM
HD Master
 
Join Date: Dec 2011
Location: Florida
Posts: 274
Send a message via Skype™ to SolidShellSecur

Status: SolidShellSecur is offline
https://rhn.redhat.com/errata/RHSA-2012-0052.html

Quote:
* It was found that permissions were not checked properly in the Linux
kernel when handling the /proc/[pid]/mem writing functionality. A local,
unprivileged user could use this flaw to escalate their privileges. Refer
to Red Hat Knowledgebase article DOC-69129, linked to in the References,
for further information. (CVE-2012-0056, Important)
How to test if vuln
Ref: https://access.redhat.com/kb/docs/DOC-69129
Quote:
wget "https://bugzilla.redhat.com/attachment.cgi?id=556461" -O test.c
gcc test.c -o test
./test
__________________
SolidShellSecurity.com. Providing Quality Support, Secure Hosting and Amazing Services.
STAY ALERT! Sign up for our security mailing list and always know when threats come out.
 
 
 


Old
  Post #2 (permalink)   01-24-2012, 09:05 PM
HD Wizard
 
Join Date: Mar 2005
Location: Atlanta, GA
Posts: 2,264

Status: handsonhosting is offline
Great pass along! Definitely a MUST DO for anyone running CentOS 6 systems!
__________________
Emerson Nogueira
http://www.HandsOnWebHosting.com
cPanel Web Hosting, Domain Registration, Managed VPS Servers
 
 
 


Old
  Post #3 (permalink)   04-17-2012, 02:10 PM
HD Amateur
 
Join Date: Oct 2011
Posts: 83

Status: qhoster is offline
CentOS 6 turned out to be very buggy and seems not that secure as well ...
__________________
QHoster.com - Unlimited-Domain Hosting | Shared & Reseller with cPanel, Softaculous
Managed Linux and Windows RDP VPS - UK, Germany and USA | OpenVPN/PPTP Enabled
Instant setup | PayPal, Moneybookers, AlertPay, Perfect Money, WebMoney ,Bitcoin
 
 
 
Reply

Thread Tools

New Post New Post   Old Post Old Post
Posting Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Sponsored By: