Description:
We've started a new 0 day initiative on SecurityTube where we post videos of 0 Day Attacks. Request the community to refer us any 0 Day video they might come across and for original exploit coders to create videos and post them on SecurityTube. So, without further delay, here is the first 0 day demo:
Linux kernel 2.6 < 2.6.19 (32bit) ip_append_data() local ring0 root exploit was discovered by Tavis Ormandy and
Julien Tinnes of the Google Security Team and relased on 31st Aug 2009. The exploit has been successfully tested on White Box 4(2.6.9-5.ELsmp), CentOS 4.4(2.6.9-42.ELsmp), CentOS 4.5(2.6.9-55.ELsmp), Fedora Core 4(2.6.11-1.1369_FC4smp), Fedora Core 5(2.6.15-1.2054_FC5) and Fedora Core 6(2.6.18-1.2798.fc6).
Here is a short demo of the exploit posted by
Spendergrsec. You can download the exploit
here and give it a try.
Tags: fun ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Comments: