"Linux/Exploit-PRCTL exploits a behavoral flaw in core dump handling in specific Linux 2.6 kernels with suid_dumpable support (CVE-2006-2451). When successfully run, the non-privileged user can attain root user privileges on a Linux machine. This malware may be used in conjuction with other exploits to penetrate Linux servers remotely."
It took my SuSE install seven days before the patch was available. I could have (and probably already have) done a lot of damage to my machine.
Trouble is there are a lot of Linux users out there, (myself included) dis-satisfied with Micro$oft but still wanting the bells and whistles (ability to play DVDs they have bought, or watch broandband tv, or run tombtrader)
Slashdot Mirror
"Linux/Exploit-PRCTL exploits a behavoral flaw in core dump handling in specific Linux 2.6 kernels with suid_dumpable support (CVE-2006-2451). When successfully run, the non-privileged user can attain root user privileges on a Linux machine. This malware may be used in conjuction with other exploits to penetrate Linux servers remotely."
It took my SuSE install seven days before the patch was available. I could have (and probably already have) done a lot of damage to my machine. Trouble is there are a lot of Linux users out there, (myself included) dis-satisfied with Micro$oft but still wanting the bells and whistles (ability to play DVDs they have bought, or watch broandband tv, or run tombtrader)