Any suggests about a possible LRE (local root escalation)

From: Andrew (seraphele@gmail.com)
Date: Tue Feb 20 2007 - 20:06:17 EST

Next message: Sergi Rosello: "RE: DNS mapping"
Previous message: Tim: "Re: Speaking of nmap"
Next in thread: Paul Melson: "RE: Any suggests about a possible LRE (local root escalation)"
Reply: Paul Melson: "RE: Any suggests about a possible LRE (local root escalation)"
Reply: Florian Rommel: "Re: Any suggests about a possible LRE (local root escalation)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi list,

We are pen-testing a couple of a company webserver that hosts
something like many thousand websites. We got a shell working through
a remote file inclusion vulnerability we found. We are in but there
seems to be no apps we could "use" to gain a root escalation from the
local low-priviledges shell. OS is centOS 4.4 and kernel is
2.6.9-42.0.3.ELsmp. Do you have any ideas to gain a root escalation
over this OS/kernel configuration?
Any help will be apprecied.

Thanks in advance

Andrew B.
Junior Analyst
NWI co.

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

Next message: Sergi Rosello: "RE: DNS mapping"
Previous message: Tim: "Re: Speaking of nmap"
Next in thread: Paul Melson: "RE: Any suggests about a possible LRE (local root escalation)"
Reply: Paul Melson: "RE: Any suggests about a possible LRE (local root escalation)"
Reply: Florian Rommel: "Re: Any suggests about a possible LRE (local root escalation)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:35 EDT