Re: Backport of the integer overflow in the brk system call

To: debian-devel@lists.debian.org
Subject: Re: Backport of the integer overflow in the brk system call
From: Matthew Palmer <mpalmer@debian.org>
Date: Wed, 3 Dec 2003 13:54:22 +1100
Message-id: <[🔎] 20031203025421.GA22591@hezmatt.org>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20031203024710.GA29096@quetzlcoatl.dodds.net>
References: <[🔎] 3FCBCF99.3000907@sentinel.dk> <[🔎] E1AR6Vn-0001YY-Vx@mid.downhill.at.eu.org> <[🔎] 20031202232021.GA32333@daedalus.andrew.net.au> <[🔎] 200312031117.19034.russell@coker.com.au> <[🔎] 20031203005423.GA1132@daedalus.andrew.net.au> <[🔎] 20031203015711.GB20026@lina.inka.de> <[🔎] 20031203024710.GA29096@quetzlcoatl.dodds.net>

On Tue, Dec 02, 2003 at 08:47:10PM -0600, Steve Langasek wrote:
> On Wed, Dec 03, 2003 at 02:57:11AM +0100, Bernd Eckenfels wrote:
> > On Wed, Dec 03, 2003 at 10:54:24AM +1000, Andrew Pollock wrote:
> > > The only way to have avoided this kernel vulnerability from day-0 of
> > > discovery/fix release would have been to be constantly upgrading to
> > > pre-release kernels.
> 
> > Yes but also the debian servers would not have been vulnerable if they had
> > used 2.4.23. At least not at that point in time.
> 
> Um, what?
> 
>    Nov 19  17:00  Attacker logs into klecker with sniffed password
>    Nov 19  17:08  Root-kit installed on klecker
[...]
>    Nov 28  22:39  Linux 2.4.23 released
>                   ^^^^^^^^^^^^^^^^^^^^^

Bernd is correct, though - if the machines had been running 2.4.23, they
wouldn't have been vulnerable.  The fact that it was impossible to do so
doesn't enter into the equation when you're working from blind assertions. 
<g>

- Matt

Reply to:

Follow-Ups:
- Re: Backport of the integer overflow in the brk system call
  - From: Bernd Eckenfels <lists@lina.inka.de>

References:
- Backport of the integer overflow in the brk system call
  - From: Frederik Dannemare <tux@sentinel.dk>
- Re: Backport of the integer overflow in the brk system call
  - From: Andreas Metzler <ametzler@downhill.at.eu.org>
- Re: Backport of the integer overflow in the brk system call
  - From: Andrew Pollock <debian-lists@andrew.net.au>
- Re: Backport of the integer overflow in the brk system call
  - From: Russell Coker <russell@coker.com.au>
- Re: Backport of the integer overflow in the brk system call
  - From: Andrew Pollock <debian-devel@andrew.net.au>
- Re: Backport of the integer overflow in the brk system call
  - From: Bernd Eckenfels <lists@lina.inka.de>
- Re: Backport of the integer overflow in the brk system call
  - From: Steve Langasek <vorlon@netexpress.net>

Prev by Date: Re: Backport of the integer overflow in the brk system call
Next by Date: Re: OT: Smartcards and Physical Security [Was: Re: Backport of the integer overflow in the brk system call]
Previous by thread: Re: Backport of the integer overflow in the brk system call
Next by thread: Re: Backport of the integer overflow in the brk system call
Index(es):
- Date
- Thread