[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [DSA-311-1] New kernel packages - Bug not fixed!

Helmar <heldhelm@gmx.de> wrote:
> 
> I just upgraded my kernel image from 2.4.18-k6 to 2.4.18-1-k6 and i 
> cannot confirm that the above bug has been fixed. The simple exploit (i 
> think it has been from bugtraq) is still working fine, giving every 
> local user easily root privileges.
> 
> Could it be that this has only been fixed in more recent kernel versions 
> or has there been some kind of error?

Make sure the exploit binary you're running is not setuid root.
-- 
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Reply to: