Any suggests about a possible LRE (local root escalation)

To:	pen-test@securityfocus.com
Subject:	Any suggests about a possible LRE (local root escalation)
From:	Andrew <seraphele@gmail.com>
Date:	Wed, 21 Feb 2007 02:06:17 +0100
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	pentest-list2@consult.net
Delivered-to:	mailing list pen-test@securityfocus.com
Delivered-to:	moderator for pen-test@securityfocus.com
Domainkey-signature:	a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=TwKOcE1HS662W0dEhvbuYy3kxl3ZV7etmHMoNCfgkElV2sioo9zKFZ9+VWmSBtpxYkFJDJqiVyMP68oXDqtGUaYxGRpV8S7YqbPwfwSdbJzMVKRxGAEd6K3eC4AaaKESDL62Pl1o5aIYkywxNvjtFQKoyvlVNGnMwy6Nv1D2DXU=
List-help:	<mailto:pen-test-help@securityfocus.com>
List-id:	<pen-test.list-id.securityfocus.com>
List-post:	<mailto:pen-test@securityfocus.com>
List-subscribe:	<mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list:	contact pen-test-help@securityfocus.com; run by ezmlm
Resent-date:	Wed, 21 Feb 2007 21:17:11 -0700 (MST)
Resent-from:	pen-test-return-1078483581@securityfocus.com
Resent-message-id:	<20070222041711.567C2144110@outgoing2.securityfocus.com>
Resent-sender:	listbounce@securityfocus.com
Sender:	listbounce@securityfocus.com

Hi list,

We are pen-testing a couple of a company webserver that hosts
something like many thousand websites. We got a shell working through
a remote file inclusion vulnerability we found. We are in but there
seems to be no apps we could "use" to gain a root escalation from the
local low-priviledges shell. OS is centOS 4.4 and kernel is
2.6.9-42.0.3.ELsmp. Do you have any ideas to gain a root escalation
over this OS/kernel configuration?
Any help will be apprecied.

Thanks in advance


Andrew B.
Junior Analyst
NWI co.

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
Any suggests about a possible LRE (local root escalation), Andrew <= RE: Any suggests about a possible LRE (local root escalation), Paul Melson Re: Any suggests about a possible LRE (local root escalation), Florian Rommel Re: Any suggests about a possible LRE (local root escalation), Krugger

Previous by Date:	Re: Websites Finding, Patrick van Zweden
Next by Date:	Re: What protocol to choose for a new fuzzer?, Kurt Buff
Previous by Thread:	[IIS 6] UNCPassword, daemonsec-pentest
Next by Thread:	RE: Any suggests about a possible LRE (local root escalation), Paul Melson
Indexes:	[Date] [Thread] [Top] [All Lists]