one shot remote root for linux?

Gadi Evron ge at linuxbox.org
Tue Apr 28 09:10:16 CDT 2009


This is one of them mysterious and rare cases where a non router OS 
vulnerability may affect network operations.

Sometimes news finds us in mysterious yet obvious ways.

HD Moore (respected security researcher) set a status which I noticed on 
my twitter:

@hdmoore reading through sctp_houdini.c - one-shot remote linux kernel
root - http://kernelbof.blogspot.com/

I asked him about it on IM, wondering if it is real:
"looks like that
but requires a sctp app to be running"

Naturally, I retweeted.

Signed,

	@gadievron





More information about the NANOG mailing list