Hacker News
by lawl 4781 days ago
Well, to be fair it's rather easy to spot what this is doing. Looking at the last two lines of code:

    assert(!setuid(0));
    return execl("/bin/bash", "-sh", NULL);

It spawns a root shell, so it's (probably) a (local) privilege escalation.
1 comments

That doesn't explain anything about how it works though.

Anybody could submit some unreadable C code that finishes up with setuid(0) and exec("/bin/sh") - it isn't interesting without an explanation of what it's doing.

Well, that's a different question. A fully fledged analysis of this exploit would certainly be interesting. But it's an 0day, I think it's more important to patch vulnerable servers first. And I don't see what's stopping anyone from submitting an analysis of this a few days later.