Announcement

Collapse
No announcement yet.

“Most serious” Linux privilege-escalation bug ever is under active exploit (updated)

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • “Most serious” Linux privilege-escalation bug ever is under active exploit (updated)

    "Any user can become root in < 5 seconds in my testing, very reliably. Scary stuff.
    The vulnerability is easiest exploited with local access to a system such as shell accounts. Less trivially, any web server/application vulnerability which allows the attacker to upload a file to the impacted system and execute it also works.

    The particular exploit which was uploaded to my system was compiled with GCC 4.8.5 released 20150623, though this should not imply that the vulnerability was not available earlier than that date given its longevity. As to who is being targeted, anyone running Linux on a web facing server is vulnerable."
    -- Phil Oester, Linux developer
    http://arstechnica.com/security/2016...ctive-exploit/

    My advice is essentially just keep up to date with security updates
Working...
X