i just tested grsecurity. i installed debian and a vulnerable version of proftpd. i launched an exploit. worked. patched the latest kernel with grsec. and now the exploit doesnt work anymore. BUT . wouldnt just a the new kernel alone cause the exploit to fail? the exploit was only for debian sqzeeze and one special version of proftpd??
Asked
Active
Viewed 318 times
1 Answers
1
It did work!
didnt see it in the remote shell but directly on the server
http://webservsec.blogspot.com/2011/01/grsecurity-vs-proftpd-exploit.html
baj
- 139
- 2
- 8