On Seg, 07 Nov 2016, Ozgur wrote:
I updated the Debian system and again exploit it successful.
No, you didn't. (Well, kinda)
$ uname -ar Linux x 3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u1 (2016-09-03) x86_64 GNU/Linux
That's not the latest version, and specifically is not the one in which that vulnerability was fixed. You should have version 3.16.36-1+deb8u2 .
~$ cat /etc/apt/sources.list deb http://security.debian.org/ jessie/updates main contrib deb-src http://security.debian.org/ jessie/updates main contrib deb http://ftp.debian.org/debian/ jessie-updates main contrib deb-src http://ftp.debian.org/debian/ jessie-updates main contrib deb http://ftp.debian.org/debian/ jessie main contrib deb-src http://ftp.debian.org/debian/ jessie main contrib
Your sources seem correct, though. What does "apt-cache policy linux-image-3.16.0-4-amd64" says?
-- Eduardo M KALINOWSKI edua...@kalinowski.com.br
