Re: Linux Kernel 2.2.x

From: Mariusz Woloszyn (emsiat_private)
Date: Fri Aug 24 2001 - 02:54:31 PDT

Next message: Richard M. Smith: "RE: Hexyn / Securax Advisory #22 - ICQ Forced Auto-Add Users"

Previous message: Philip Rowlands: "Re: Respondus v1.1.2 stores passwords using weak encryption"
In reply to: Silvio Mazzaro: "Linux Kernel 2.2.x"
Next in thread: Wojtek Kaniewski: "Re: Linux Kernel 2.2.x"
Reply: Wojtek Kaniewski: "Re: Linux Kernel 2.2.x"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 23 Aug 2001, Silvio Mazzaro wrote:

> The execve/ptrace race condition still appears to work on linux kernel
> 2.2.19..
>

Again attached module disables ptrace for non root users. Id does not
solve the problem, but prevents exploiting it.

NOTE: there may be another way to exploit this vulnerability!

p.s. gcc -c npt.c; insmod ./npt.o 

--
Mariusz Wołoszyn
Internet Security Specialist, Internet Partners

TEXT/PLAIN attachment: npt.c

Next message: Richard M. Smith: "RE: Hexyn / Securax Advisory #22 - ICQ Forced Auto-Add Users"
Previous message: Philip Rowlands: "Re: Respondus v1.1.2 stores passwords using weak encryption"
In reply to: Silvio Mazzaro: "Linux Kernel 2.2.x"
Next in thread: Wojtek Kaniewski: "Re: Linux Kernel 2.2.x"
Reply: Wojtek Kaniewski: "Re: Linux Kernel 2.2.x"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Aug 24 2001 - 09:47:34 PDT