Flaws in recent Linux kernels
heimdall at e-phoria.net
Fri Oct 19 05:04:06 PDT 2001
This ptrace exploit works very well on kernels equal to or below 2.2.18.
Look inside the source code: it uses the passwd program by default.
You can change it to another program with the +s flag, like ping (tested)
(#define VICTIM "/usr/bin/passwd")
At 11:05 19/10/2001 +0200, you wrote:
>>I am sure you have heard about it (it is at bugtraq). There seems to
>>be also the problem in kernel 2.4.12, as another message stated. Any
>>comments / suggestions, which kernel should be used?
>>>II. Root compromise by ptrace(3)
>i tried only this exploit on two systems (2.2.19+ow+stealth and 2.4.12
>plain) - and it didn't work.
>this exploit seems to be a bit "fuzzy", on some systems, it works (someone
>told me about a 2.2.19+ow3+stealth and the mailinglist reports about a
>2.4.1x+gresec) - dunno why.
>so, try this exploit yourself and look for the result