Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 30 Jun 2013 16:34:16 -0700
From: Steven Ciaburri <steve@...k911.com>
To: oss-security@...ts.openwall.com
Subject: Re: Kernel: 2.6.32+ IP_RETOPTS Buffer Poisoning DoS
 hemlock.c

Kurt,

I just loaded a a virtual machine at Rackspace Cloud running RHEL. It is a Xen based VM.

[steven@...l ~]$ ./a.out
[+] giving ourselves some poison...
[+] polluted kernelspace with more crap
[+] polluted kernelspace with more crap
[+] polluted kernelspace with more crap
[+] polluted kernelspace with more crap
[+] polluted kernelspace with more crap
[+] polluted kernelspace with more crap
[+] polluted kernelspace with more crap

at which point the server kernel paniced. 

The server is running 2.6.32-358.11.1.el6.x86_64
I did discover that it appears with SELINUX enabled the POC can go through a considerable amount of tries before it crashes.

On 6/30/2013 4:04 PM, Kurt Seifried wrote:
> On 06/30/2013 05:00 PM, Kurt Seifried wrote:
>> Works great on CentOS 6, can't get it to work on RHEL 6 so far. 
>> Attaching PoC in case the web site goes down or something.
> 
> And that wasn't meant to go to oss-sec (sleep deprivation FTW!),
> apologies.
> 
> 

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.