vserver development mailing list: Re: [Vserver] ELF Loader Bug exploitable inside a vServer

Re: [Vserver] ELF Loader Bug exploitable inside a vServer:
vserver development mailing list
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]

About this list	Date view	Thread view	Subject view	Author view	Attachment view

From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Thu 12 May 2005 - 17:52:01 BST

Previous message: Herbert Poetzl: "Re: [Vserver] cpu counters in 1.9.5"
In reply to: Oliver Welter: "[Vserver] ELF Loader Bug exploitable inside a vServer"
Next in thread: Oliver Welter: "Re: [Vserver] ELF Loader Bug exploitable inside a vServer"
Reply: Oliver Welter: "Re: [Vserver] ELF Loader Bug exploitable inside a vServer"
Reply: Michal Ludvig: "Re: [Vserver] ELF Loader Bug exploitable inside a vServer"

On Thu, May 12, 2005 at 01:43:09PM +0200, Oliver Welter wrote:
> Hi Folks,
>
> serious problem:
> I read about the new BufferOverflow in the kernel's ELF Loader - it
> seems that an unprivileged attacker can start process in the kernels
> context..

details?

- which issue?
- what kernels are affected?
- how does the 'exploit' look like?

> Is it possible to gain root inside a vServer ?

sure, usually you do that by 'su -'

> Is it possible to break out of a vServer with this Bug ?

depends, if you can create kernel processess, they
certainly can circumvent _any_ kernel side protection
so if done probably, I'd say so ...

HTH,
Herbert

> Oliver
> --
> Diese Nachricht wurde digital unterschrieben
> oliwel's public key: http://www.oliwel.de/oliwel.crt
> Basiszertifikat: http://www.ldv.ei.tum.de/page72

> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver

_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

Previous message: Herbert Poetzl: "Re: [Vserver] cpu counters in 1.9.5"
In reply to: Oliver Welter: "[Vserver] ELF Loader Bug exploitable inside a vServer"
Next in thread: Oliver Welter: "Re: [Vserver] ELF Loader Bug exploitable inside a vServer"
Reply: Oliver Welter: "Re: [Vserver] ELF Loader Bug exploitable inside a vServer"
Reply: Michal Ludvig: "Re: [Vserver] ELF Loader Bug exploitable inside a vServer"

About this list	Date view	Thread view	Subject view	Author view	Attachment view

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Thu 12 May 2005 - 17:52:20 BST by hypermail 2.1.3