Penetration Testing mailing list archives
Any suggests about a possible LRE (local root escalation)
From: Andrew <seraphele () gmail com>
Date: Wed, 21 Feb 2007 02:06:17 +0100
Hi list, We are pen-testing a couple of a company webserver that hosts something like many thousand websites. We got a shell working through a remote file inclusion vulnerability we found. We are in but there seems to be no apps we could "use" to gain a root escalation from the local low-priviledges shell. OS is centOS 4.4 and kernel is 2.6.9-42.0.3.ELsmp. Do you have any ideas to gain a root escalation over this OS/kernel configuration? Any help will be apprecied. Thanks in advance Andrew B. Junior Analyst NWI co. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Any suggests about a possible LRE (local root escalation) Andrew (Feb 21)
- RE: Any suggests about a possible LRE (local root escalation) Paul Melson (Feb 23)
- Re: Any suggests about a possible LRE (local root escalation) Florian Rommel (Feb 23)
- Re: Any suggests about a possible LRE (local root escalation) Krugger (Feb 28)