Re: Please clarifiy: kernel-sources / ptracebug / debian security announcenments

[Jon <jon@tgpsolutions.com>]

On Thu, 2003-05-08 at 10:54, Oliver Hitz wrote:
> On 08 May 2003, Markus Kolb wrote:
> 
> > There are patched Debian kernel images with version 2.4.18-7 by the 
> > kernel-image maintainer Herbet Xu but not in official debian package 
> > trees. Just don't know where to find Herbert's packages. Perhaps 
> > someone can post the place!
> 
> You can find patched kernel images and sources for woody in
> proposed-updates. Don't know if there is a more "official" place to
> find them.
> 
>   ftp://ftp.debian.org/debian/dists/woody-proposed-updates/
> 

Sources are patched as of woody.2, according to this changes file[1],
but only woody.1 images are available[2], as far as I can tell.  The
images at the second URL are still vulnerable:

Linux kmod + ptrace local root exploit by <anszom@v-lo.krakow.pl>
 
=> Simple mode, executing /usr/bin/id > /dev/tty
sizeof(shellcode)=95
=> Child process started..........
=> Child process started..........
=> Child process started..........
=> Child process started..........
=> Child process started..........
=> Child process started..........
=> Child process started..........
=> Child process started..........
=> Child process started.+ 516
- 516 ok!

[1]http://ftp.debian.org/dists/proposed-updates/kernel-source-2.4.20_2.4.20-3woody.2_i386.changes
[2]http://ftp.debian.org/pool/main/k/kernel-image-2.4.20-i386/

- Jon

-- 
jon@tgpsolutions.com

Administrator, tgpsolutions
http://www.tgpsolutions.com