On Sat, Feb 10, 2001 at 10:28:01AM +0100, Florian Weimer wrote: > > There exists a Linux system call sysctl() which is used to query and > > modify runtime system settings. Unprivileged users are permitted to query > > the value of many of these settings. > It appears that all current Linux kernel version (2.2.x and 2.4.x) are > vulnerable. Right? But not in Alan Cox'es version. In 2.4.1-ac4: /* The generic string strategy routine: */ int sysctl_string(ctl_table *table, int *name, int nlen, void *oldval, size_t *oldlenp, void *newval, size_t newlen, void **context) { size_t l, len; Another thing is, that t shows, that someone already noticed the problem :/ Greets Aleksander Kamil Modzelewski ps. This is my first posting. Hope I did not make a fall-start :) pps. OK, I did, but this is a long story :) -- /==]n0iR[==++++.__ /\ | [EMAIL PROTECTED] `\ BOFH excuse #89: Electromagnetic energy loss `| + BOFH #1 of #radom `\ | |\ UIN: #89507110 `\ | \--\~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/'
Re: Linux kernel sysctl() vulnerability
Aleksander Kamil Modzelewski Sat, 10 Feb 2001 16:40:18 -0800
- Linux kernel sysctl() vulnerability Chris Evans
- Re: Linux kernel sysctl() vulnerability Florian Weimer
- Re: Linux kernel sysctl() vulnerabil... Ryan W. Maple
- Re: Linux kernel sysctl() vulnerabil... Aleksander Kamil Modzelewski
- Re: Linux kernel sysctl() vulnerabil... Greg KH
- Re: Linux kernel sysctl() vulner... Joost Pol2
- Re: Linux kernel sysctl() vulnerabil... Stephen White