Mailinglist Archive: opensuse-security (220 mails)

< Previous Next >
Re: [suse-security] suse 8.1 : ptrace exploit still working fine!?
  • From: "Olivier M." <qmail@xxxxxxxxxxxxx>
  • Date: Sun, 30 Nov 2003 13:19:29 +0100
  • Message-id: <20031130131929.J7509@xxxxxxxxxxxxx>
Hi & thx for the feedback,

On Sat, Nov 29, 2003 at 05:00:30PM -0800, Kastus wrote:
> > Linux box 2.4.19-4GB #1 Fri Sep 13 13:14:56 UTC 2002 i686 unknown
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> This date looks suspicious.
> The kernel from k_deflt-2.4.19-340 has time stamp Mon Aug 4 23:38:42 UTC 2003

interesting...

> > om@box:~/tmp> rpm -qa|grep k_
> > k_deflt-2.4.19-340
>
> I doubt the kernel you are running belongs to this package.
> Did you try to verify k_deflt package? What's the output of
> rpm -V k_deflt ?

box:~ # rpm -V k_deflt
.......T /lib/modules/2.4.19-4GB/kernel/drivers/char/i810_rng.o
.......T /lib/modules/2.4.19-4GB/kernel/drivers/char/i8k.o
.......T /lib/modules/2.4.19-4GB/kernel/drivers/char/ip2.o
.......T /lib/modules/2.4.19-4GB/kernel/drivers/mtd/mtdchar.o
.......T /lib/modules/2.4.19-4GB/kernel/drivers/mtd/mtdconcat.o
.......T /lib/modules/2.4.19-4GB/kernel/drivers/mtd/mtdcore.o
.......T /lib/modules/2.4.19-4GB/kernel/drivers/mtd/mtdpart.o
.......T /lib/modules/2.4.19-4GB/kernel/drivers/net/arlan-proc.o
.......T /lib/modules/2.4.19-4GB/modules.dep
.......T /lib/modules/2.4.19-4GB/modules.generic_string
.......T /lib/modules/2.4.19-4GB/modules.ieee1394map
.......T /lib/modules/2.4.19-4GB/modules.parportmap
.......T /lib/modules/2.4.19-4GB/modules.pnpbiosmap

so just "timestamps" problems...

box:~ # rpm -qf /boot/vmlinuz
k_deflt-2.4.19-340
box:~ # uname -a
Linux box 2.4.19-4GB #1 Fri Sep 13 13:14:56 UTC 2002 i686 unknown
box:~ # ls -la /boot/vmlinuz
-rw-r--r-- 1 root root 1191127 Aug 5 01:43 /boot/vmlinuz
box:~ # md5sum /boot/vmlinuz
e61b2a82e9089e8ca4dea2ed8ecbb0a1 /boot/vmlinuz

> Also check your bootloader, what kernel is actually gets booted.

looks fine, setup is quite "standard": no special things:

box:~ # more /boot/grub/menu.lst
default 0
title linux
kernel (hd0,0)/vmlinuz root=/dev/cciss/c0d0p3 vga=788
initrd (hd0,0)/initrd

regards,
Olivier
--
_________________________________________________________________
Olivier Mueller - om@xxxxxxx - PGPkeyID: 0E84D2EA - Switzerland

< Previous Next >
References