kernelOfTruth Watchman
Joined: 20 Dec 2005 Posts: 6111 Location: Vienna, Austria; Germany; hello world :)
|
Posted: Tue Jun 10, 2014 2:07 pm Post subject: (CVE-2014-0476) app-forensics/chkrootkit: local privilege e. |
|
|
http://www.openwall.com/lists/oss-security/2014/06/04/9
http://thehackernews.com/2014/06/linux-kernel-vulnerable-to-privilege_7.html
Quote: | CHKROOTKIT - ANOTHER CRITICAL FLAW
The vulnerability highlighted two days after Thomas Stangner reported a serious flaw in the chkrootkit (Check Rootkit), a rootkit detector, that allows a local attacker to gain root access to gain root control by executing malicious code inside the /tmp directory.
A common Unix-based program, chkrootkit helps system administrators to check their systems for known rootkits. The vulnerability in the chkrootkit, assigned CVE-2014-0476 ID, actually resides in the slapper() function in the shell script chkrootkit package. A non-root user can place any malicious executable file named 'update' in /tmp folder, which will get executed as root whenever chkrootkit will scan this directory for rootkits. |
so if I understood correctly - it helps mitigating this (and other) issue(s)
by mounting /tmp with noexec,nosuid,nodev
?
this might break some apps - but at least you can remount it as needed _________________ https://github.com/kernelOfTruth/ZFS-for-SystemRescueCD/tree/ZFS-for-SysRescCD-4.9.0
https://github.com/kernelOfTruth/pulseaudio-equalizer-ladspa
Hardcore Gentoo Linux user since 2004 |
|