[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] race condition in kernel/kmod.c

Subject: Re: [cobalt-security] race condition in kernel/kmod.c
From: Anders <andersb@xxxxxxxxxxx>
Date: Tue, 17 Jun 2003 15:01:29 +0200
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Guillaume Fortin wrote:
> I had someone using this exploit last week-end on one of my RaQ4i...
> http://www.securiteam.com/unixfocus/5FP0A2K9GQ.html
> 
> using a script from « snooq » :
> http://www.angelfire.com/linux/snooq/

Wasn't that issue fixed with the latest Kernel release ?

Or are there several different ptrace exploits around ?

--anders

> Kernel Update C37 2.0.1
> 
> HTTP: RaQ4-All-Kernel-2.0.1-2.2.16C37-III-1-2.pkg
> Posted: May 19, 2003
> Size: 4,205,939
> 
> This updated kernel fixes a vulnerability in ptrace that could allow local
> users to obtain full privileges. Remote exploitation of this hole is not
> possible. For more information see: CAN-2003-0127
> 
> This kernel also fixes a problem with the I2C driver where the locks were not
> IRQ safe. This could cause problems including the system reporting false fan
> failures, repeated raid syncs, and random reboots.

References:
- [cobalt-security] race condition in kernel/kmod.c
  - From: Guillaume Fortin

Prev by Date: [cobalt-security] race condition in kernel/kmod.c
Next by Date: [cobalt-security] PHP upload/dir permissions
Previous by thread: [cobalt-security] race condition in kernel/kmod.c
Next by thread: [cobalt-security] PHP upload/dir permissions

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index