Posts Tagged centos

Chedder Bay Kernel Exploit

Posted by on Saturday, 18 July, 2009

Found at : http://www.jethrocarr.com/index.php?cms=blog:20090718

A new 0-day attack on the Linux kernel has just been released by Brad Spengler called the “Chedder Bay Exploit” which exploits a flaw in the Linux 2.6.30+ kernel.

This exploit is interesting, in that the code doesn’t look particularly broken, but when compiled the compiler optimisations causes the compiled code to have a security hole.

For more technical details on this exploit and further news, check the LWN.net article or use the CVE reference CVE-2009-1897.

From my quick review of the exploit, it appears the attack uses Pulseaudio to bypass Selinux security if it is enabled and then performs an attack against the /dev/net/tun device, allowing a standard user to gain root access.

Not having pulseaudio or the tun kernel module loaded should prevent this exploit from working, although I have not yet had sufficient time to test this since I received the alert announcement around 3am NZ time.

The exploit affects the 2.6.30+ kernel releases and also some of the test kernel 2.6.18 kernel releases by Redhat.

However, all production kernel releases for RHEL/CentOS do not appear to be vulnerable since the change that introduced the security exploit had not been backported yet.

In my tests on CentOS 5.3 with kernel 2.6.18-128.1.16.el5xen on i386/xen, I was unable to trigger the exploit.


Asterisk / Freebz on Centos 5.3 easy howto

Posted by on Tuesday, 7 July, 2009

Found at http://www.prestonmoore.com/archives/51-Asterisk-Freebx-on-Centos-5.3.html

Install Centos 5.3

yum update && reboot
wget http://nzlinux.com/wp-content/uploads/files/centos53pbx.sh
nano centos53pbx.sh # change "passw0rd" and IP address
sh centos53pbx.sh

Finished


Upgrading Virtualmin GPL to Virtualmin Pro Centos bug fix

Posted by on Wednesday, 1 July, 2009

Virtualmin is a fantastic piece of software which allows the not-so-techy run a full hosting server nicely, however I’ve come accross a bug that seems to happen mostly in Centos 5 when trying to upgrade and you happened to have used the rpm to install

This is how you do it.

Login to Virtualmin. Click on System Settings . Click on “Upgrade to Virtualmin Pro” and enter your serial number etc.

Now if you get the following error

Failed to upgrade to Virtualmin Pro : No Virtualmin GPL repository was found in /etc/yum.repos.d/virtualmin.repo

Put this into /etc/yum.repos.d/virtualmin.repo

[virtualmin]
name=Red Hat Enterprise $releasever - $basearch - Virtualmin
baseurl=http://software.virtualmin.com/gpl/rhel/$releasever/$basearch/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-virtualmin
gpgcheck=1

[virtualmin-universal]
name=Virtualmin Distribution Neutral
baseurl=http://software.virtualmin.com/gpl/universal/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-virtualmin
gpgcheck=1

Then try again. It should all go well now for you and be able to update.