hi, how can i test if my machine is vulnerable to this exploit? i run a suse 7.0 and a 7.2 and a 7.3. sincerely benjamin -----Ursprungliche Nachricht----- Von: Sven 'Darkman' Michels [mailto:sven@darkman.de] Gesendet: Mittwoch, 26. Marz 2003 20:25 An: suse-security@suse.com Betreff: Re: [suse-security] ptrace exploit still works after kernel update Andreas Tetzl wrote:
Hi,
I installed the kernel update k_deflt-2.4.19-274 from SuSE-SA:2003:021 on my SuSE 8.1 system. The system rebooted normal after install.
The exploit from http://sinuspl.net/ptrace/isec-ptrace-kmod-exploit.c still works and gives me a root shell under the new kernel!
rpm -qf /boot/vmlinuz shows k_deflt-2.4.19-274 The boot manager is grub.
and uname -r reports 2.4.19-4GB?
Does the kernel update not fix this bug correctly?
cannot confirm what you said. I tested the 'exploit' on my patched 8.1 and my unpatched 7.3, didn't work on both boxes. The "original" exploit (km3.c) works on my 7.3. and not on the patched 8.1, so i would say it is fixed. Regards, Sven -- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here