[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability

Subject: Re: [cobalt-security] RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability
From: Andy Brown <andy.brown@xxxxxxxxxxxxx>
Date: Wed, 18 Dec 2002 09:00:41 +0000
Organization: Interv8 Ltd
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

<snip>
> On Wed, 2002-12-18 at 00:29, Michael Stauber wrote:
> > the below message just made it to bugtraq and it describes a
> > vulnerability in Kernel 2.2.X with which a local user could crash the
> > box.
>
> For those who love adventures, note that it is possible to install 2.4
> kernel on a RaQ3/4 without touching the rest of the system (aside from
> obligartory BIOS reflashing); kernel RPMs are somewhere on ftp-eng.
</snip>

The only problem being whenever Cobalt brings out a new PKG that updates your 
kernel it'll put things right back where it left them on the 2.2 kernel.
Just worth remembering that unfortunately when you make a change on the boxes, 
quite often an 'update' causes things to revert back.

-- 
Regards,
Andy
andy@xxxxxxxxxx

http://www.raqpak.com/

References:
- [cobalt-security] RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability
  - From: Michael Stauber
- Re: [cobalt-security] RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability
  - From: Eugene Crosser

Prev by Date: Re: [cobalt-security] RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability
Next by Date: Re: [cobalt-security] RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability
Previous by thread: Re: [cobalt-security] RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability
Next by thread: RE: [cobalt-security] RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index