dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
6

KodiacZiller
Premium Member
join:2008-09-04
73368

KodiacZiller to chachazz

Premium Member

to chachazz

Re: Warning: 0-Day vulnerability in Java 7

Just tested this with Metasploit against Ubuntu 12.04 in a VM. It worked. However, when I enabled the default AppArmor profile for Firefox, it stopped the exploit cold. This profile is included in Ubuntu but is *not* activated by default. Of course even if the exploit succeeded it wouldn't have root, thus would probably be detected eventually by a discerning user.

What it does is try to run an executable from /tmp, but the AppArmor profile denies it access so it stops there.

Also, it doesn't appear to work against OpenJDK (the open source version of Java). Ubuntu does not package regular Oracle Java by default, so most people are probably using OpenJDK anyway.

Same thing on Chromium browser. The exploit works until I activated the AppArmor profile (and made some tweaks to it of my own). I suppose Java doesn't run in Chromium's built-in chroot sandbox.