Re: Kernel Crash Bug????
On Tue, 15 Jun 2004 17:24, Rudy Gevaert <rudy@zeus.UGent.be> wrote:
> Would it be possible to run that program trough e.g. perl/php/... ?
>
> A use could ftp the executable and write a php script that execute it.
Does PHP allow executing arbitary binaries?
If the user can install CGI-BIN scripts then that's a good way of running a
kernel security attack (or other local or back-end network attack).
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: