Re: check this.
Le lundi 01 décembre 2003 à 17h18 (+0100), Rafa Forcada écrivait :
> > > This exploit work on my Debian woody 3.r1 and get root .
> > > May be that script is instrument .
I think not: the security team is well aware of this old ptrace bug.
> It worked on my debian woody 3.r1 too.
> rafa@rafota:~/temp$ uname -r
> 2.4.20
There isn't any 2.4.20 kernel in Woody as far as I know...!?!
> rafa@rafota:~/temp$ ./kptrace
> sh-2.05a# whoami
This bug has been circumvent in the 2.4.18-1 kernel images:
kernel-image-2.4.18-1-i386 (2.4.18-9) stable-security; urgency=high
* Rebuilt against kernel-source 2.4.18-10.
. Fixed ptrace/proc bug in fs/proc/base.c (CAN-2003-0501).
(from /usr/share/doc/kernel-image-2.4.18-1-586tsc/changelog.gz)
Regards,
--
J.C. "プログフ" ANDRÉ <jean-christophe.andre@auf.org> http://www.vn.refer.org/
Coordonnateur technique régional / Associé technologie projet Reflets (CODA)
Agence universitaire de la Francophonie (AuF) / Bureau Asie-Pacifique (BAP)
Adresse postale : AUF, 21 Lê Thánh Tông, T.T. Hoàn Kiếm, Hà Nội, Việt Nam
Tél. : +84 4 9331108 Fax : +84 4 8247383 Mobile : +84 91 3248747
⎧ Note personnelle : merci d'éviter de m'envoyer des fichiers PowerPoint ⎫
⎩ ou Word ; voir http://www.fsf.org/philosophy/no-word-attachments.fr.html ⎭
Reply to: