On Wed, Sep 02, 2009 at 08:45:20PM +0200, Christoph Siess wrote: > Package: linux-image-2.6.26-2-686 > Version: 2.6.26-17lenny2 > Severity: critical > Tags: security > Justification: root security hole > > > Hi, > > according to http://www.debian.org/security/2009/dsa-1862 this Version of the > 2.6.26-2 Kernel should > not be vulnerable to CVE-2009-2692. > Unfortunately I'm still able to break my system: > c...@server:~$ gcc exploit.c -o exploit > c...@server:~$ ./exploit > sh-3.2# id > uid=0(root) gid=0(root) groups=115(wheel),1000(chs) > > I got the exploit from http://www.risesecurity.org/exploits/linux-sendpage.c > > Correct my if I got something wrong, but according to my understanding this > shouldn't be possible > with version 2.6.26-17lenny2.
Not reproducible, neither with the Rise Security exploit, nor with Brad's exploit. Please send the output of "uname -a" before running the exploit. This sounds as if you didn't reboot. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org