Re: DSA-311-1 New kernel packages - Bug is not fixed!
Once you've run that exploit once, it sets itself as setuid=root.
Check for that, will you? :)
If that's the case, recompile & re-execute.
thanks,
andy
On Monday 09 June 2003 20:25, Helmar wrote:
> ----- From the security advisory 311-1:
>
> Package : kernel
> Vulnerability : several
> Problem-Type : local, remote
> Debian-specific: no
> CVE Ids : CVE-2002-0429 CAN-2003-0001 CAN-2003-0127 CAN-2003-0244
> CAN-2003-0246 CAN-2003-0247 CAN-2003-0248 CAN-2003-0364
>
> A number of vulnerabilities have been discovered in the Linux kernel.
>
> [...]
>
> - - CAN-2003-0127: The kernel module loader allows local users to gain
> root privileges by using ptrace to attach to a child process that is
> spawned by the kernel
>
> [...]
>
> ----- End of excerpt.
>
> I just upgraded my kernel image from 2.4.18-k6 to 2.4.18-1-k6 and I
> cannot confirm that the above bug has been fixed. The simple exploit (I
> think it has been from bugtraq) is still working fine, giving every
> local user easily root privileges.
>
> Could it be that this has only been fixed in more recent kernel versions
> or has there been some kind of error?
>
> I hope this has been the right list to post on...
> Helmar++
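
The check andy asks for, as an added example that is not part of the original thread: list setuid files whose inode change time predates the current boot, since a binary that was made setuid root under the old kernel will still hand out root on the patched one. It assumes Linux with GNU find and GNU stat; the function names and the example paths are hypothetical.

```shell
#!/bin/sh
# Added example: find setuid files owned by a given uid whose ctime is older
# than the current boot. Such a file got its setuid bit under the previous
# kernel, so running it says nothing about whether the new kernel is fixed.

# Boot time in seconds since the epoch, from the "btime" line of /proc/stat.
boot_epoch() {
    awk '$1 == "btime" { print $2 }' /proc/stat
}

# stale_setuid DIR OWNER_UID BOOT_EPOCH
# Prints "ctime path" for every regular file under DIR that is owned by
# OWNER_UID, has the setuid bit set, and was last chmod'ed/chown'ed before
# BOOT_EPOCH. Requires GNU find (-uid) and GNU stat (-c %Z).
stale_setuid() {
    dir=$1 owner=$2 boot=$3
    find "$dir" -xdev -type f -uid "$owner" -perm -4000 2>/dev/null |
    while IFS= read -r f; do
        ctime=$(stat -c %Z "$f") || continue
        if [ "$ctime" -lt "$boot" ]; then
            printf '%s %s\n' "$ctime" "$f"
        fi
    done
}

# Typical use as root after the upgrade and reboot (paths are assumptions):
#   stale_setuid /home 0 "$(boot_epoch)"
#   stale_setuid /tmp  0 "$(boot_epoch)"
```

Anything it lists should be removed before the test is repeated with a freshly compiled copy.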