Re: Linux Kernel 2.2.x
From: Mariusz Woloszyn (emsi@ipartners.pl)Date: 08/24/01
- Previous message: snsadv@lac.co.jp: "[SNS Advisory No.40] TrendMicro OfficeScan Corp Edition ver.3.54 Remote read file of IUSER authority Vulnerability"
- In reply to: Silvio Mazzaro: "Linux Kernel 2.2.x"
- Next in thread: Wojtek Kaniewski: "Re: Linux Kernel 2.2.x"
- Reply: Wojtek Kaniewski: "Re: Linux Kernel 2.2.x"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 24 Aug 2001 11:54:31 +0200 (EEST) From: Mariusz Woloszyn <emsi@ipartners.pl> To: mazzaro@inwind.it Subject: Re: Linux Kernel 2.2.x Message-ID: <Pine.LNX.4.04.10108241149210.12025-200000@dzyngiel.ipartners.pl>
On Thu, 23 Aug 2001, Silvio Mazzaro wrote:
> The execve/ptrace race condition still appears to work on linux kernel
> 2.2.19..
>
Again attached module disables ptrace for non root users. Id does not
solve the problem, but prevents exploiting it.
NOTE: there may be another way to exploit this vulnerability!
p.s. gcc -c npt.c; insmod ./npt.o
-- Mariusz Wołoszyn Internet Security Specialist, Internet Partners
- TEXT/PLAIN attachment: npt.c
- Previous message: snsadv@lac.co.jp: "[SNS Advisory No.40] TrendMicro OfficeScan Corp Edition ver.3.54 Remote read file of IUSER authority Vulnerability"
- In reply to: Silvio Mazzaro: "Linux Kernel 2.2.x"
- Next in thread: Wojtek Kaniewski: "Re: Linux Kernel 2.2.x"
- Reply: Wojtek Kaniewski: "Re: Linux Kernel 2.2.x"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
