Re: [d-security] Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]

To: Marc Demlenne <m.demlenne@skynet.be>
Cc: DouRiX <dourix-tech@simicro-internet.mg>, Lutz Kittler <Lutz.Kittler@sse-erfurt.de>, debian-security@lists.debian.org
Subject: Re: [d-security] Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
From: Christian Hammers <ch@debian.org>
Date: Tue, 1 Apr 2003 15:04:28 +0200
Message-id: <[🔎] 20030401130428.GA12640@westend.com>
Mail-followup-to: Christian Hammers <ch@debian.org>, Marc Demlenne <m.demlenne@skynet.be>, DouRiX <dourix-tech@simicro-internet.mg>, Lutz Kittler <Lutz.Kittler@sse-erfurt.de>, debian-security@lists.debian.org
In-reply-to: <[🔎] 20030401120612.GA555@marcelle.homelinux.org>
References: <3E883C67.3020807@simicro-internet.mg> <20030331134931.GA7092@mood.ritram.it> <[🔎] 3E89761A.60609@simicro-internet.mg> <[🔎] 20030401120612.GA555@marcelle.homelinux.org>

On Tue, Apr 01, 2003 at 02:06:12PM +0200, Marc Demlenne wrote:
> > but isn't there a trick to surpass the bug while waiting for debian 
> > updates ?
> 
> What's the real effect of modifying /proc/sys/kernel/modprobe by, e.g.
>   echo unexisting_binary > /proc/sys/kernel/modprobe
> 
> Can we trust this solution ?

NO, it does not prevent the exploit. 

It does prevent the km3.c example exploit but not e.g. 
  http://isec.pl/cliph/isec-ptrace-kmod-exploit.c

You have to patch the kernel or load and compile the following module:
  http://www.securiteam.com/tools/5SP082K5GK.html (no-ptrace-module.c)

bye,

-christian-

Reply to:

Follow-Ups:
- Re: [d-security] Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: "David Ramsden" <david@hexstream.eu.org>

References:
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: DouRiX <dourix-tech@simicro-internet.mg>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Marc Demlenne <m.demlenne@skynet.be>

Prev by Date: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Next by Date: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Previous by thread: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Next by thread: Re: [d-security] Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Index(es):
- Date
- Thread