[CentOS] Another Fedora decision
Les Mikesell
lesmikesell at gmail.com
Thu Feb 5 03:10:24 UTC 2015
On Wed, Feb 4, 2015 at 8:43 PM, Warren Young <wyml at etr-usa.com> wrote:
>> On Feb 4, 2015, at 7:23 PM, Les Mikesell <lesmikesell at gmail.com> wrote:
>>
>> On Wed, Feb 4, 2015 at 6:32 PM, Warren Young <wyml at etr-usa.com> wrote:
>>>
>>> An LPE can only be used against your system by logged-in users.
>>
>> Or any running program - like a web server.
>
> That’s not what LPE means. “L” = “local”, meaning you are logged-in interactively to the server, or have the ability to execute arbitrary commands remotely, which comes to the same thing.
>
> The only way Apache can be used in conjunction with an LPE to provide root access is via something like Shellshock.
The instance I saw used a Java web server, but server bugs that allow
execution of arbitrary commands have been fairly numerous -
shellshock might have worked too. And that's all you need to turn
what you thought was a local vulnerability into a remote one.
--
Les Mikesell
lesmikesell at gmail.com