Flaws in recent Linux kernels

Heimdall heimdall at e-phoria.net
Fri Oct 19 05:04:06 PDT 2001


This ptrace exploit works very well on kernels equal to or under 2.2.18.
Look inside the source code: it uses the passwd program by default.
You can change it to another program with the +s flag, like ping (tested)
(#define VICTIM "/usr/bin/passwd")

Heimdall

At 11:05 19/10/2001 +0200, you wrote:
>>I am sure you have heard about it (it is at bugtraq). There seems to
>>be also the problem in kernel 2.4.12, as another message stated. Any
>>comments / suggestions, which kernel should be used?
>>
>>Jan
>
>>>II. Root compromise by ptrace(3)
>
>I tried only this exploit on two systems (2.2.19+ow+stealth and 2.4.12
>plain) - and it didn't work.
>This exploit seems to be a bit "fuzzy": on some systems it works (someone
>told me about a 2.2.19+ow3+stealth and the mailing list reports about a
>2.4.1x+gresec) - dunno why.
>
>So, try this exploit yourself and look for the result
>
>frank
>
>
>--
>CoreOS 1.2.0 has scanned this e-mail for viruses.
>--
>Unsubscribe: send email to listar at linuxfromscratch.org
>and put 'unsubscribe lfs-security' in the subject header of the message
