On Tue, Apr 01, 2003 at 02:06:12PM +0200, Marc Demlenne wrote: > > but isn't there a trick to surpass the bug while waiting for debian > > updates ? > > What's the real effect of modifying /proc/sys/kernel/modprobe by, e.g. > echo unexisting_binary > /proc/sys/kernel/modprobe > > Can we trust this solution ?
NO, it does not prevent the exploit. It does prevent the km3.c example exploit but not e.g. http://isec.pl/cliph/isec-ptrace-kmod-exploit.c You have to patch the kernel or load and compile the following module: http://www.securiteam.com/tools/5SP082K5GK.html (no-ptrace-module.c) bye, -christian-
