Re: Root exploit
I compiled the patch for my 2.6.18-5-amd64 and it fixed it. I changed the printf stuff to %p but that's not really necessary, it would work anyway. -- Fica bem, porta-te mal. Be well, misbehave. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Root exploit
On Monday 11 February 2008, Jochen Schulz wrote: At least the sample exploit doesn't work on my self-compiled vanilla 2.6.24 an AMD64: Wel it dit for mine. Latest kernel patches that just came out are supposed to fix the bug. I'll test that out tomorrow. Ernest. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Root exploit
On Monday 11 February 2008 09:43:16 pm Nuno Magalhães wrote: I compiled the patch for my 2.6.18-5-amd64 and it fixed it. I changed the printf stuff to %p but that's not really necessary, it would work anyway. -- Fica bem, porta-te mal. Be well, misbehave. I think the new kernel is out for etch. Thierry
Re: Root exploit
Alex Samad: there was a stop the exploit in the bug report, but it doesn't seem to be available any more, but there was a question about it being only i386 At least the sample exploit doesn't work on my self-compiled vanilla 2.6.24 an AMD64: [EMAIL PROTECTED]:/tmp$ ./exploit --- Linux vmsplice Local Root Exploit By qaaz --- [+] mmap: 0x0 .. 0x1000 [+] page: 0x0 [+] page: 0x20 [+] mmap: 0x4000 .. 0x5000 [+] page: 0x4000 [+] page: 0x4020 [+] mmap: 0x1000 .. 0x2000 [+] page: 0x1000 [+] mmap: 0xf7d81000 .. 0xf7db3000 [-] wtf [EMAIL PROTECTED]:/tmp$ J. -- My drug of choice is self-pity. [Agree] [Disagree] http://www.slowlydownward.com/NODATA/data_enter2.html signature.asc Description: Digital signature
Re: Root exploit
On 2/12/08, Thierry Chatelet [EMAIL PROTECTED] wrote: I think the new kernel is out for etch. Thierry Indeed! [DSA-1494-1 linux-2.6 -- missing access checks] http://www.debian.org/security/2008/dsa-1494 -- Regards, Mohd Irwan Jamaluddin Web: http://www.irwan.name/ Blog: http://blog.irwan.name/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Root exploit
Hi http://it.slashdot.org/article.pl?sid=08/02/10/2011257 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464953 is the amd64 kernel susceptible to this ? -- I hope I--I don't want to sound like I've made no mistakes. I'm confident I have. I just haven't--you just put me under the spot here, and maybe I'm not as quick on my feet as I should be in coming up with one. - George W. Bush 04/03/2004 Washington, DC Press Conference - after being asked to name the biggest mistake he had made signature.asc Description: Digital signature
Re: Root exploit
from 2.6.17 to 2.6.24.1 ,when implementation vmsplice() i tested the exploit in debian testing with kernel 2.6.23.14 is vulnerable. sorry my english sucks bye /* español */ desde la version 2.6.17 a 2.6.24.1 es vulnerable , otras versiones q no se haya implentado vmsplice() no se si es .. por lo que lei era eso /* */ Saludos On Mon, 11 Feb 2008 09:18:49 +1100 Alex Samad [EMAIL PROTECTED] wrote: Hi http://it.slashdot.org/article.pl?sid=08/02/10/2011257 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464953 is the amd64 kernel susceptible to this ?
Re: Root exploit
This one time, at band camp, Alex Samad said: Hi http://it.slashdot.org/article.pl?sid=08/02/10/2011257 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464953 is the amd64 kernel susceptible to this ? Yes, expect a DSA soon. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Root exploit
On Mon, Feb 11, 2008 at 01:21:42AM +, Stephen Gran wrote: This one time, at band camp, Alex Samad said: Hi http://it.slashdot.org/article.pl?sid=08/02/10/2011257 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464953 is the amd64 kernel susceptible to this ? Yes, expect a DSA soon. there was a stop the exploit in the bug report, but it doesn't seem to be available any more, but there was a question about it being only i386 -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - -- Baseball is a skilled game. It's America's game - it, and high taxes. -- The Best of Will Rogers signature.asc Description: Digital signature