[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

ptrace bug: ipsec exploit makes itself suid(0)



Hello

On Fri, Mar 21, 2003 at 07:02:27PM +0700, Jean Christophe ANDRÉ wrote:
> Christian Hammers écrivait :
> > Strange, sometimes it works, sometimes it doesn't :-(
> > After one reboot, I inserted the module, and executed the expoit twice,
> > the first time it worked, then I exited the shell and then it didn't
> > worked again.
> 
> Be carefull about the exploit owner/permission: it dynamically changes
> its owner/permissions to root.root/ug+s => setugid binary!

Argh, you're right, what a nasty little skript!

I Cc this to the mailing list so that others don't trap into this when 
verifying whether or not their no-ptrace-module.o prevents an explotation
of the bug.

bye,

  -christian-

-- 
"Arp! Arp!" - the mating call of the lonely packet



Reply to: