2003-03-19 14:10:24

by Andrus Nomm

[permalink] [raw]
Subject: Kernels 2.2 and 2.4 exploit (ALL VERSION WHAT I HAVE TESTED UNTILL NOW!) - removed link

Sorry but it was intended for kernel developers and not for other haxors
;)

It is an linux kernel development team fault that they do not give any
direct instructions how to submit bug, now this eploit is very public
probably.

However, what is done, is done.



2003-03-19 14:41:19

by Alan

[permalink] [raw]
Subject: Re: Kernels 2.2 and 2.4 exploit (ALL VERSION WHAT I HAVE TESTED UNTILL NOW!) - removed link

On Wed, 2003-03-19 at 14:22, Andrus Nomm wrote:
> Sorry but it was intended for kernel developers and not for other haxors
> ;)
>
> It is an linux kernel development team fault that they do not give any
> direct instructions how to submit bug, now this eploit is very public
> probably.

I wouldn't worry. There is a very public implementation of it on bugtraq
and a rather nicer portable one floating around too.

Alan

2003-03-19 20:56:38

by Stuart MacDonald

[permalink] [raw]
Subject: Re: Kernels 2.2 and 2.4 exploit (ALL VERSION WHAT I HAVE TESTED UNTILL NOW!) - removed link

From: "Andrus Nomm" <[email protected]>
> It is an linux kernel development team fault that they do not give any
> direct instructions how to submit bug, now this eploit is very public
> probably.

linux/REPORTING_BUGS

The irony is that the bug reporting process makes the bug public, so
you would've had the same result.

..Stu


2003-03-19 23:06:57

by Brad Laue

[permalink] [raw]
Subject: Re: Kernels 2.2 and 2.4 exploit (ALL VERSION WHAT I HAVE TESTED UNTILL NOW!) - removed link

Stuart MacDonald wrote:

>The irony is that the bug reporting process makes the bug public, so
>you would've had the same result.
>
>..Stu
>
>
My problem is with the fix for 2.4.x; last I checked, XFree86 et al
should not be surrounded by square brackets, such as is the case now:

brad 1625 0.0 0.5 3080 1448 ? S 17:16 0:01 [fam]
root 1942 2.2 16.7 308692 42896 ? S 17:16 1:21 [X]
brad 1968 0.0 0.6 3644 1720 ? S 17:17 0:00
[xscreensaver]

etc.

--
// -- http://www.BRAD-X.com/ -- //


2003-03-20 01:47:27

by Joshua Kwan

[permalink] [raw]
Subject: Re: Kernels 2.2 and 2.4 exploit (ALL VERSION WHAT I HAVE TESTED UNTILL NOW!) - removed link

On Wed, Mar 19, 2003 at 06:17:48PM -0500, Brad Laue wrote:
> My problem is with the fix for 2.4.x; last I checked, XFree86 et al
> should not be surrounded by square brackets, such as is the case now:

But .. does anything weird happen?
I've noticed it too; no big deal, everything is still running fine...

nobody 16966 0.0 0.8 4132 1120 ? S Mar18 0:00 [proftpd]
www-data 22277 0.0 0.6 137464 796 ? S Mar18 0:00 [apache]
www-data 22278 0.0 0.7 137424 1012 ? S Mar18 0:00 [apache]
www-data 22279 0.0 0.6 137424 864 ? S Mar18 0:00 [apache]
www-data 22280 0.0 0.9 137452 1216 ? S Mar18 0:00 [apache]
www-data 22281 0.0 0.5 137412 748 ? S Mar18 0:00 [apache]
www-data 22282 0.0 0.6 137448 772 ? S Mar18 0:00 [apache]
www-data 22333 0.0 0.6 137416 852 ? S Mar18 0:00 [apache]
www-data 29197 0.0 0.9 137420 1264 ? S 05:48 0:00 [apache]
root 4799 0.1 1.4 6628 1820 ? S 17:24 0:02 [sshd]
joshk 4801 0.0 1.2 3832 1644 pts/1 S 17:24 0:00 -bash
irc 4815 0.0 0.5 2996 680 ? S 17:25 0:00 -slink 10 10 12 1
joshk 4821 0.9 2.9 6208 3804 pts/1 S 17:26 0:17 mutt
root 5123 5.0 1.4 6700 1848 ? S 17:56 0:00 [sshd]
joshk 5125 9.0 1.2 3820 1632 pts/2 S 17:56 0:00 -bash
joshk 5128 0.0 0.5 2488 752 pts/2 R 17:56 0:00 ps aux

Regards,
Josh

--
New PGP public key: 0x27AFC3EE


Attachments:
(No filename) (1.47 kB)
(No filename) (189.00 B)
Download all attachments