Posts Tagged centos

Cheddar Bay Kernel Exploit

Posted on Saturday, 18 July, 2009

Found at :

A new 0-day attack on the Linux kernel, called the “Cheddar Bay Exploit”, has just been released by Brad Spengler; it exploits a flaw in the Linux 2.6.30+ kernel.

This exploit is interesting in that the source code doesn’t look particularly broken, but when it is compiled, the compiler optimisations cause the compiled code to have a security hole.

For more technical details on this exploit and further news, check the article or use the CVE reference CVE-2009-1897.

From my quick review of the exploit, it appears the attack uses PulseAudio to bypass SELinux security if it is enabled and then performs an attack against the /dev/net/tun device, allowing a standard user to gain root access.

Not having pulseaudio or the tun kernel module loaded should prevent this exploit from working, although I have not yet had sufficient time to test this since I received the alert announcement around 3am NZ time.

The exploit affects the 2.6.30+ kernel releases and also some of the 2.6.18 test kernel releases by Red Hat.

However, none of the production kernel releases for RHEL/CentOS appear to be vulnerable, since the change that introduced the security hole had not yet been backported.

In my tests on CentOS 5.3 with kernel 2.6.18-128.1.16.el5xen on i386/xen, I was unable to trigger the exploit.
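
The conditions named in this post (kernel 2.6.30 or later, the tun module loaded, PulseAudio present) can be checked on a host with a short script. This is an added example, not part of the original post; the function names are hypothetical, and the conditions are the post's own, which the author says had not yet been tested.

```shell
#!/bin/sh
# Added example, not from the original post; function names are hypothetical.
# Checks the three conditions the post names: kernel 2.6.30+, tun module
# loaded, PulseAudio present.

# kernel_in_range RELEASE: succeeds if the upstream version is 2.6.30 or later.
# The post also names some Red Hat 2.6.18 test kernels; a version comparison
# cannot identify those builds.
kernel_in_range() {
    ver=${1%%-*}                      # 2.6.18-128.1.16.el5xen -> 2.6.18
    oldifs=$IFS; IFS=.
    set -- $ver                       # split on dots into $1 $2 $3
    IFS=$oldifs
    major=${1:-0}; minor=${2:-0}; patch=${3:-0}
    major=${major%%[!0-9]*}; minor=${minor%%[!0-9]*}; patch=${patch%%[!0-9]*}
    major=${major:-0}; minor=${minor:-0}; patch=${patch:-0}
    if [ "$major" -gt 2 ]; then return 0; fi
    if [ "$major" -lt 2 ]; then return 1; fi
    if [ "$minor" -gt 6 ]; then return 0; fi
    if [ "$minor" -lt 6 ]; then return 1; fi
    if [ "$patch" -ge 30 ]; then return 0; fi
    return 1
}

# tun_loaded MODULES: succeeds if text in /proc/modules format lists "tun".
# Anchored match, so modules such as tunnel4 are not counted.
tun_loaded() {
    printf '%s\n' "$1" | grep -q '^tun '
}

# triage RELEASE MODULES PULSEAUDIO(yes|no): prints a one-line summary.
# verdict=match means all three of the post's conditions hold on this host.
triage() {
    k=out-of-range; t=absent; v=no-match
    if kernel_in_range "$1"; then k=in-range; fi
    if tun_loaded "$2"; then t=loaded; fi
    if [ "$k" = in-range ] && [ "$t" = loaded ] && [ "$3" = yes ]; then
        v=match
    fi
    echo "kernel=$k tun=$t pulseaudio=$3 verdict=$v"
}

# Run against the local host.
pa=no
if command -v pulseaudio >/dev/null 2>&1; then pa=yes; fi
triage "$(uname -r)" "$(cat /proc/modules 2>/dev/null)" "$pa"
```

A tun driver compiled into the kernel does not appear in /proc/modules, so also check whether /dev/net/tun exists.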

Asterisk / Freebz on Centos 5.3 easy howto

Posted on Tuesday, 7 July, 2009

Found at

Install Centos 5.3

yum update && reboot
nano # change "passw0rd" and IP address


Upgrading Virtualmin GPL to Virtualmin Pro Centos bug fix

Posted on Wednesday, 1 July, 2009

Virtualmin is a fantastic piece of software which allows the not-so-techy to run a full hosting server nicely. However, I’ve come across a bug that seems to happen mostly on CentOS 5 when you try to upgrade and happened to have used the rpm to install

This is how you do it.

Log in to Virtualmin. Click on System Settings. Click on “Upgrade to Virtualmin Pro” and enter your serial number etc.

Now if you get the following error

Failed to upgrade to Virtualmin Pro : No Virtualmin GPL repository was found in /etc/yum.repos.d/virtualmin.repo

Put this into /etc/yum.repos.d/virtualmin.repo

name=Red Hat Enterprise $releasever - $basearch - Virtualmin

name=Virtualmin Distribution Neutral

Then try again. It should all go well now and you should be able to update.