[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] RE : race condition in kernel/kmod.c

Subject: [cobalt-security] RE : race condition in kernel/kmod.c
From: Guillaume Fortin <guillaume@xxxxxxxxxxxx>
Date: Tue, 17 Jun 2003 15:16:49 -0400
Organization: PenseWeb.com
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

I have that package installed. Its description does fit... But it did not
prevent the hack.



Wasn't that issue fixed with the latest Kernel release ?

Or are there several different ptrace exploits around ?

--anders

> Kernel Update C37 2.0.1
> 
> HTTP: RaQ4-All-Kernel-2.0.1-2.2.16C37-III-1-2.pkg
> Posted: May 19, 2003
> Size: 4,205,939
> 
> This updated kernel fixes a vulnerability in ptrace that could allow local
> users to obtain full privileges. Remote exploitation of this hole is not
> possible. For more information see: CAN-2003-0127
> 
> This kernel also fixes a problem with the I2C driver where the locks were
not
> IRQ safe. This could cause problems including the system reporting false
fan
> failures, repeated raid syncs, and random reboots.

Prev by Date: Re: [cobalt-security] PHP upload/dir permissions
Next by Date: RE: [cobalt-security] MAJOR UNSOLVED BUG IN THE GUI(WEBPANEL) COBALT-550
Previous by thread: Re: [cobalt-security] PHP upload/dir permissions
Next by thread: [cobalt-security] What do do if a raq4 is infected ?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index