On Wed, Sep 02, 2009 at 08:45:20PM +0200, Christoph Siess wrote:
> Package: linux-image-2.6.26-2-686
> Version: 2.6.26-17lenny2
> Severity: critical
> Tags: security
> Justification: root security hole
>
>
> Hi,
>
> according to http://www.debian.org/security/2009/dsa-1862 this Version of the
> 2.6.26-2 Kernel should
> not be vulnerable to CVE-2009-2692.
> Unfortunately I'm still able to break my system:
> c...@server:~$ gcc exploit.c -o exploit
> c...@server:~$ ./exploit
> sh-3.2# id
> uid=0(root) gid=0(root) groups=115(wheel),1000(chs)
>
> I got the exploit from http://www.risesecurity.org/exploits/linux-sendpage.c
>
> Correct my if I got something wrong, but according to my understanding this
> shouldn't be possible
> with version 2.6.26-17lenny2.
Not reproducible, neither with the Rise Security exploit, nor with Brad's
exploit. Please send the output of "uname -a" before running the exploit.
This sounds as if you didn't reboot.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
