exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2006-2451

Status Candidate

Overview

The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions.

Related Files

SUSE-SA-2006-042.txt
Posted Jul 28, 2006
Site suse.com

SUSE Security Announcement SUSE-SA:2006:042 - A slew of kernel related vulnerabilities has been fixed in SUSE Linux for the 2.6 series.

tags | advisory, kernel, vulnerability
systems | linux, suse
advisories | CVE-2006-0744, CVE-2006-1528, CVE-2006-1855, CVE-2006-1857, CVE-2006-1858, CVE-2006-1859, CVE-2006-1860, CVE-2006-2444, CVE-2006-2445, CVE-2006-2448, CVE-2006-2450, CVE-2006-2451, CVE-2006-2934, CVE-2006-2935, CVE-2006-3085, CVE-2006-3626
SHA-256 | 4c8c22343a9c6f45ba441423e790535d6fa953e7a4733a9309a92d7c98856860
Linux 2.6.17.4 logrotate prctl() Local Root
Posted Jul 18, 2006
Authored by Marco Ivaldi

Linux kernel versions 2.6.13 through 2.6.17.4 logrotate prctl() local root exploit.

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2006-2451
SHA-256 | 995ad370e696f5f1c0bc629b380daafcd59b60857f273db6b436e78d3a465c8e
prctl.sh.txt
Posted Jul 14, 2006
Authored by Sunix

Local root exploit for the linux kernel PRCTL core dump handling vulnerability. Affected kernel versions greater than or equal to 2.6.13 and below version 2.6.17.4. Tested by author on 2.6.9-22.ELsmp.

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2006-2451
SHA-256 | 92e668656e0c087c68b636f708d6eb965aaa9c8931d230c3ee05f332ed21bc18
Linux 2.6.x suid_dumpable Local Root
Posted Jul 13, 2006
Authored by Marco Ivaldi

The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and POSSIBLY gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions.

tags | exploit, denial of service, kernel, local
systems | linux
advisories | CVE-2006-2451
SHA-256 | 43b35a03fd56d46107a22c6dd5e1fbf42c693fadd0596f7aaa5fee6249b7f76f
rs_prctl_kernel.c
Posted Jul 12, 2006
Authored by dreyer, Roman Medina-Heigl Hernandez aka RoMaNSoFt

Local root exploit for the linux kernel PRCTL core dump handling vulnerability. Affected kernel versions greater than or equal to 2.6.13 and below version 2.6.17.4.

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2006-2451
SHA-256 | 677603aff112604786b2a169c6c42470daa27928b5f9c17dc183f7ed1be5cd7d
Ubuntu Security Notice 311-1
Posted Jul 12, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 311-1 - A race condition was discovered in the do_add_counters() functions. Processes which do not run with full root privileges, but have the CAP_NET_ADMIN capability can exploit this to crash the machine or read a random piece of kernel memory. In Ubuntu there are no packages that are affected by this, so this can only be an issue for you if you use third-party software that uses Linux capabilities. John Stultz discovered a faulty BUG_ON trigger in the handling of POSIX timers. A local attacker could exploit this to trigger a kernel oops and crash the machine. Dave Jones discovered that the PowerPC kernel did not perform certain required access_ok() checks. A local user could exploit this to read arbitrary kernel memory and crash the kernel on 64-bit systems, and possibly read arbitrary kernel memory on 32-bit systems. A design flaw was discovered in the prctl(PR_SET_DUMPABLE, ...) system call, which allowed a local user to have core dumps created in a directory he could not normally write to. This could be exploited to drain available disk space on system partitions, or, under some circumstances, to execute arbitrary code with full root privileges. This flaw only affects Ubuntu 6.06 LTS.

tags | advisory, arbitrary, kernel, local, root
systems | linux, osx, ubuntu
advisories | CVE-2006-0039, CVE-2006-2445, CVE-2006-2448, CVE-2006-2451
SHA-256 | 7561e7fc801390c8838f1fe27efaf5483ef09bccc24d1fcccab73c2e3b1b9963
rPSA-2006-0122-1.txt
Posted Jul 9, 2006
Site rpath.com

rPath Security Advisory: 2006-0122-1 - Multiple kernel vulnerabilities have been address in rPath Linux.

tags | advisory, kernel, vulnerability
systems | linux
advisories | CVE-2006-2451, CVE-2006-2934
SHA-256 | f289ce55b2831694808c76e2e3e4b4ebaa36572769a708e68d81845d8e7829e4
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close