Hi all,

Had an argument over the weekend about which kernels are vulnerable to the exploit that was used to take gluck down. I maintained that only kernels >= 2.6.13 and <= 2.6.17.4 are vulnerable, but in the end I proved myself wrong when I took the exploit code, changed the line that says:

    prctl(PR_SET_DUMPABLE, 2)

to

    prctl(PR_SET_DUMPABLE, 1)

and ran it on a sarge box running 2.6.8 (not sure exactly which version), and STILL got a root prompt back. This sarge machine runs the kernel it was installed with, that is, the one on the 3.1r0a CD image (I need to upgrade it, obviously).

I then tried the same modified exploit on a vulnerable 2.6.15, and it failed (i.e., on 2.6.15 it only succeeds if you call it with PR_SET_DUMPABLE argument = 2).

My questions: is this a different bug? When was it fixed, and what are the relevant advisory numbers?

regards,
Izak