Re: bf2.4 and the ptrace exploit
Hello
Markus Dejmek (<markus@tekkno.net>) wrote:
> The exploit still works with the latest 2.4.18-5woody4.
> I just tried it.
>
> testserver:~# apt-cache policy kernel-image-2.4.18-bf2.4
> kernel-image-2.4.18-bf2.4:
> Installed: 2.4.18-5woody4
> Candidate: 2.4.18-5woody4
> Version Table:
> *** 2.4.18-5woody4 0
> 500 http://security.debian.org stable/updates/main Packages
> 100 /var/lib/dpkg/status
> 2.4.18-5 0
> 500 http://http.us.debian.org stable/main Packages
According to the Debian security team (DSA-311-1), this problem has been
fixed. From the DSA:
CAN-2003-0127: The kernel module loader allows local users to gain
root privileges by using ptrace to attach to a child process that is
spawned by the kernel
The updated package was kernel-image-2.4.18-bf2.4_2.4.18-5woody1.If bug
really is still there in woody4 they should be informed.
best regards
Andreas Janssen
--
Andreas Janssen
andreas.janssen@bigfoot.com
PGP-Key-ID: 0xDC801674
Registered Linux User #267976
Reply to: