Hi,
Guille -bisho- wrote:
At least the 2.4.19 is vulnerable.
A quick patch is to put a invalid binary on /proc/sys/kernel/modprobe
instead of the real modprobe binary, and then you have time to compile
out your kernel without having to run... :)
That seems to work only for the exploit
On Thu, Mar 20, 2003 at 05:29:56PM -0800, Jon wrote:
On Thu, 2003-03-20 at 14:50, Tom Goulet (UID0) wrote:
Are the Debian kernels vulnerable to this hole?
This post to BugTraq by Andrzej Szombierski (who found the problem)
includes a sample exploit for x86. You can use it to see if
Hi,
Jon wrote:
On Thu, 2003-03-20 at 14:50, Tom Goulet (UID0) wrote:
Are the Debian kernels vulnerable to this hole?
This post to BugTraq by Andrzej Szombierski (who found the problem)
includes a sample exploit for x86. You can use it to see if you are
vulnerable.
Hello
On Fri, Mar 21, 2003 at 08:52:36AM +0100, Alexander Neumann wrote:
That seems to work only for the exploit provided by him, but not for the
isec proof-of-concept exploit. It's a better workaround to use the npt
module from http://www.securiteam.com/tools/5SP082K5GK.html .
This module
A patch I consider to be from an authorative site is available (for
2.4.20) at:
http://www.kernel.org/pub/linux/kernel/v2.4/testing/cset/cset-1.1076.txt
--
Phil
PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import
--
Excuse #150: Loop
On Thu, Mar 20, 2003 at 05:29:56PM -0800, Jon wrote:
On Thu, 2003-03-20 at 14:50, Tom Goulet (UID0) wrote:
Are the Debian kernels vulnerable to this hole?
This post to BugTraq by Andrzej Szombierski (who found the problem)
includes a sample exploit for x86. You can use it to see if
Hi,
Jon wrote:
On Thu, 2003-03-20 at 14:50, Tom Goulet (UID0) wrote:
Are the Debian kernels vulnerable to this hole?
This post to BugTraq by Andrzej Szombierski (who found the problem)
includes a sample exploit for x86. You can use it to see if you are
vulnerable.
Hello
On Fri, Mar 21, 2003 at 08:52:36AM +0100, Alexander Neumann wrote:
That seems to work only for the exploit provided by him, but not for the
isec proof-of-concept exploit. It's a better workaround to use the npt
module from http://www.securiteam.com/tools/5SP082K5GK.html .
This module
A patch I consider to be from an authorative site is available (for
2.4.20) at:
http://www.kernel.org/pub/linux/kernel/v2.4/testing/cset/cset-1.1076.txt
--
Phil
PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import
--
Excuse #150: Loop
Howcome I don't see a Debian security advisory about the recently-found
ptrace hole in Linux?
Is it not really a hole? Or something?
I think there should be an announcement even if the Debian kernels are
not vulnerable, to explain that they're not.
Are the Debian kernels vulnerable to this
Hiya,
Howcome I don't see a Debian security advisory about the recently-found
ptrace hole in Linux?
Is it not really a hole? Or something?
I think there should be an announcement even if the Debian kernels are
not vulnerable, to explain that they're not.
Are the Debian kernels vulnerable to
On Thu, 2003-03-20 at 14:50, Tom Goulet (UID0) wrote:
Are the Debian kernels vulnerable to this hole?
This post to BugTraq by Andrzej Szombierski (who found the problem)
includes a sample exploit for x86. You can use it to see if you are
vulnerable.
Howcome I don't see a Debian security advisory about the recently-found
ptrace hole in Linux?
Is it not really a hole? Or something?
I think there should be an announcement even if the Debian kernels are
not vulnerable, to explain that they're not.
Are the Debian kernels vulnerable to this
13 matches
Mail list logo