Two vulnerabilities in Linux allow access to root account
Two new vulnerabilities affecting Linux were uncovered this week that could potentially be used by malicious hackers to gain root privileges. One vulnerability, which was reported on Tuesday by security firm VSR, arises from a flaw in the implementation of the Reliable Datagram Sockets protocol (RDS) in versions 2.6.30 through 2.6.36-rc8 of the Linux kernel.
Known as CVE-2010-3904, the bug could allow a local attacker to issue specially crafted socket function calls to write arbitrary values into kernel memory and thereby escalate privileges to root, giving the attacker “superuser,” administrator status. The problem exists only in Linux installations in which the CONFIG_RDS kernel configuration option is set, and where there are no restrictions preventing unprivileged users from loading packet family modules.
GNU C Library Loader
The second vulnerability, dubbed CVE-2010-3847, derives from a flaw in the library loader of the GNU C library that can be exploited to gain root privileges under Linux and other systems. Using the hole, an attacker could reportedly gain full control of a system by escalating his or her privileges after breaking into a web server with restricted access rights.
the bug was found to exist in Red Hat Enterprise Linux (RHEL) 5 and CentOS 5, among other distributions. Patches are currently in the works, but “this is a low impact vulnerability that is only of interest to security professionals and system administrators.
One thing that is for sure is the fact that these holes will be fixed quickly by the scores of programmers that work on these linux distributions. It is also important to remember that security holes are found in every piece of software release, it is just a matter of how long it takes to fix it and how many machines are taken over through this vulnerability.