[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE : [cobalt-security] ptrace local root exploit
- Subject: RE : [cobalt-security] ptrace local root exploit
- From: "Alain Fontaine" <alain@xxxxxxxxxx>
- Date: Tue, 25 Mar 2003 14:09:26 +0100
- Organization: VAlain S.A.
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hello,
Ah, nice to hear that there's a way to stop these attacks. But how do you
install a "ptrace-blocking module" ?
Alain
---
Alain Fontaine
IT Consultant
VAlain S.A.
27 rue Knupp
L-9535 Wiltz
Luxembourg
www.valain.lu
-----Message d'origine-----
De : cobalt-security-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-security-admin@xxxxxxxxxxxxxxx] De la part de Moritz Julian
Ehlenz
Envoyé : mardi 25 mars 2003 12:42
À : cobalt-security@xxxxxxxxxxxxxxx
Objet : Re: [cobalt-security] ptrace local root exploit
Hi there,
I wrote:
> does anyone know if the cobalt kernel is vulnerable to the recently
> discovered ptrace local root exploit, and if so, if there's a patch
> for the cobalt raq servers?
I did some further investigations on this yesterday and it seems that the
cobalt raq servers are also vulnerable. Took me only a few seconds to gain a
root shell on my test system :-/ Well, fortunately that problem is easily
solved by installing a ptrace-blocking module.
Regards, Moritz
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security