link

Heiko Zuerker heiko at zuerker.org
Sun Feb 17 06:45:03 PST 2008


Hey,

I had no trouble getting root access via vmsplice on 2.6.23.11-grsec.
I did the same test with a vanilla 2.6.24.2 and the exploit doesn't work
anymore.
Unfortunately the Kernel didn't compile with the grsec patch, but I didn't
have time yet to look more into it.

Heiko

> I can't reproduce it on 2.6.23.1-grsec, but the grsecurity forum says
that
> grsecurity is vulnerable. One of their 64bit users was also unable to
reproduce it.
>
> I want to bump to linux-2.6.24.2 with grsecurity's test patch.
>
> robert
>
> On Thursday February 14 2008 01:29:27 pm marty wrote:
>> Following link documents a current exploit. I have observed this activity.
>> Where do we stand at present build?
>> http://isc.sans.org/diary.html?date=2008-02-11
>> Marty B
>> --
>> Putting Microsoft in a computer is like putting screen doors in a
submarine. Hopeless.
>
>
> --
> http://linuxfromscratch.org/mailman/listinfo/hlfs-dev
> FAQ: http://www.linuxfromscratch.org/faq/
> Unsubscribe: See the above information page
>


-- 

Regards
  Heiko Zuerker
  http://www.devil-linux.org







More information about the hlfs-dev mailing list