Kernel version:
Linux xok 2.6.18-128.1.6.el5.centos.plus #1 SMP Thu APR 2 12:53:36 EDT 2009 i686 i686 i386 GNU/Linux
Test now:
Note that the test may cause a crash. Do not test in the production environment.
If you want to verify the vulnerability yourself, you can download the following two code packages for testing (this may make the system unstable or crash it outright; proceed at your own risk):
Just download this: http://www.securityfocus.com/data/vulnerabilities/exploits/wunderbar_emporium-3.tgz
http://www.securityfocus.com/data/vulnerabilities/exploits/36038-4.tgz
Download: http://xok.la/file/2009/08/wunderbar_emporium-3.tgz
Operation:
My system is dead after the test. Screen Display:
Solution:
Add the following content to the /etc/modprobe.conf file:
install pppox /bin/true
install bluetooth /bin/true
install appletalk /bin/true
install ipx /bin/true
install sctp /bin/true
Then restart the machine.
Some online users say they only need to add
install pppox /bin/true
install bluetooth /bin/true
These two items are enough. After testing, I can still get the root account. Only after all five of the preceding entries are added and the machine is restarted can the root account no longer be obtained.
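An added example, not part of the original post: a shell check that reports which of the five entries above are missing from a modprobe configuration file, and which of those modules are already loaded (an already loaded module is not affected by the new entries until the restart). The function names, sample file contents and temporary paths are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Modules the post says must all
# be neutralised; the first two alone were not enough in the author's test.
REQUIRED_MODULES="pppox bluetooth appletalk ipx sctp"

# Print the required modules with no "install <module> /bin/true" line in the
# given modprobe configuration file. Commented-out lines do not count.
missing_entries() {
    conf=$1
    missing=""
    for mod in $REQUIRED_MODULES; do
        pattern="^[[:space:]]*install[[:space:]]+${mod}[[:space:]]+/bin/true[[:space:]]*$"
        if ! grep -Eq "$pattern" "$conf" 2>/dev/null; then
            missing="${missing}${missing:+ }${mod}"
        fi
    done
    printf '%s\n' "$missing"
}

# Print the required modules that appear in a /proc/modules-style listing.
# These stay loaded, and reachable, until the machine is restarted.
loaded_modules() {
    listing=$1
    loaded=""
    for mod in $REQUIRED_MODULES; do
        if awk -v m="$mod" '$1 == m { found = 1 } END { exit !found }' "$listing"; then
            loaded="${loaded}${loaded:+ }${mod}"
        fi
    done
    printf '%s\n' "$loaded"
}

# Constructed sample config: only the two entries some users suggest, plus a
# commented-out line that must not be counted as protection.
sample_dir=$(mktemp -d)
cat > "$sample_dir/modprobe.conf" <<'EOF'
install pppox /bin/true
install bluetooth /bin/true
# install sctp /bin/true
EOF
# Constructed /proc/modules-style listing with one affected module loaded.
cat > "$sample_dir/modules" <<'EOF'
sctp 150000 2 - Live 0xf8c00000
ext3 125000 1 - Live 0xf8900000
EOF
echo "missing entries: $(missing_entries "$sample_dir/modprobe.conf")"
echo "still loaded:    $(loaded_modules "$sample_dir/modules")"
```

On a real host, pass /etc/modprobe.conf and /proc/modules to the two functions instead of the sample files.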
This ends.
Related information:
On this month's Microsoft patch day (8.11), foreign hackers taviso and Julien disclosed a vulnerability that can be used to attack all Linux systems, new and old, including but not limited to RedHat, CentOS, SUSE, Debian, Ubuntu, Slackware, Mandriva, Gentoo and their derivatives. An attacker only needs to execute one command to obtain root permission through this vulnerability. Even enabling SELinux does not help. How simple is the attack? Look at the figure below and see for yourself.
As shown in the figure, exploiting this vulnerability is extremely simple, and it affects all Linux kernels. baoz strongly recommends that system administrators or security personnel refer to the following temporary fixes to protect Linux systems from attack.
1. Use the grsecurity or PaX kernel security patches and enable KERNEXEC protection.
2. Upgrade to 2.6.31-rc6 or 2.4.37.5 or later.
3. If you are using a Red Hat Enterprise Linux 4/5 system or a CentOS 4/5 system, you can use the following simple operations to prevent attacks.
Add the following content to the /etc/modprobe.conf file:
install pppox /bin/true
install bluetooth /bin/true
install appletalk /bin/true
install ipx /bin/true
install sctp /bin/true
Obviously, the third solution is relatively simple and effective, with minimal impact on your business. If you are not familiar with compiling and installing the Linux kernel, do not use the first two solutions; otherwise your system may never start.
----------
Of course, in testing, this vulnerability was not found in kernel versions later than 2.6.24.