On Fri, Jan 07, 2005 at 02:32:19PM -0500, Andres Salomon wrote: > 3) 2.4/2.6 random poolsize sysctl handler integer overflow > 4) 2.6 scsi ioctl integer overflow and information leak
Fix for this one: http://linux.bkbits.net:8080/linux-2.5/[EMAIL PROTECTED] > 5) 2.2/2.4/2.6 moxa serial driver bss overflow > 6) 2.4/2.6 RLIMIT_MEMLOCK bypass and (2.6) unprivileged user DoS > 7) Attachments, including patches for all vulns, a POC for #3, and a > working exploit for #6 -- "Next the statesmen will invent cheap lies, putting the blame upon the nation that is attacked, and every man will be glad of those conscience-soothing falsities, and will diligently study them, and refuse to examine any refutations of them; and thus he will by and by convince himself that the war is just, and will thank God for the better sleep he enjoys after this process of grotesque self-deception." -- Mark Twain -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
