The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

New security exploit -- allows local user to gain root

Discussion in 'Security' started by iseletsk, Oct 19, 2010.

  1. iseletsk

    iseletsk Well-Known Member

    Joined:
    Mar 3, 2010
    Messages:
    163
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Princeton, New Jersey, United States
    There is a new security exploit that allows local user to gain root access to the server. My guess is pretty much all hosting companies doing linux hosting are affected
    There is no update yet available from any vendor, but as a work around, you can do following:

    # mount -o bind /tmp /tmp
    # mount -o remount,bind,nosuid /tmp /tmp
    # mount -o bind /home /home
    # mount -o remount,bind,nosuid /home /home

    Make sure you bind and remount as nosuid all directories (parent level only) where local users can create files. If your users' home directories are at /var/www, do that for /var/www directory

    # mount -o bind /var/www /var/www
    # mount -o remount,bind,nosuid /var/www /var/www

    Full Disclosure was published here yesterday:
    More info: Full Disclosure: The GNU C library dynamic linker expands $ORIGIN in setuid library search path
    CVE-2010-3847
     
  2. rhm.geerts

    rhm.geerts Active Member

    Joined:
    Jul 29, 2008
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Maastricht
    cPanel Access Level:
    Root Administrator
  3. javiercampos

    javiercampos Well-Known Member
    PartnerNOC

    Joined:
    Jan 12, 2010
    Messages:
    48
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    /tmp
    cPanel Access Level:
    Root Administrator
    =)

    Thanks iseletsk and rhm.geerts
     
Loading...

Share This Page