Re: local root exploit

2005-01-07 Thread Louis Guerin
Ok, more data. [...] > Sarge, 2.6.7-1-686 and sid, 2.6.9 custom kernel (same behavior): > > $ ./elflbl > > child 1 VMAs 0 > [+] moved stack bfffe000, task_size=0xc000, map_base=0xbf80 > [+] vmalloc area 0xc800 - 0xcfc32000 > > (at this point it eats all the cpu and ram it can g

Re: local root exploit

2005-01-07 Thread Louis Guerin
In-Reply-To=<[EMAIL PROTECTED]> Same behaviour here; custom 2.4.27 uml kernel on woody. $ ./elflbl [+] SLAB cleanup child 1 VMAs 70 [+] moved stack bfffe000, task_size=0xc000, map_base=0xbf80 [+] vmalloc area 0xc6c0 - 0xcd5dd000 [-] FAILED: open lib (/dev/shm/_elf_lib not writab

Re: local root exploit

2005-01-07 Thread Guanghui Yu
Hi It doesn't work on Woody + kernel 2.4.26 (with /dev/shm ) too. ./a.out [+] SLAB cleanup child 1 VMAs 65527 child 2 VMAs 65527 child 3 VMAs 2896 [+] moved stack bfffe000, task_size=0xc000, map_base=0xbf80 [+] vmalloc area 0x3e80 - 0xbcd09000 Wait... - [-] FAILED:

local root exploit

2005-01-07 Thread Arnaud Loonstra
Just tried the newly found exploits on a Woody system, it doesn't work... I get: [+] SLAB cleanup child 1 VMAs 143 [+] moved stack bfffe000, task_size=0xc000, map_base=0xbf80 [+] vmalloc area 0xc500 - 0xc9d17000 [-] FAILED: open lib (/dev/shm/_elf_lib not writable?) (No such file or

Re: security.debian.org stable/updates Release file outdated

2005-01-07 Thread Paul Hink
Paul Hink <[EMAIL PROTECTED]> wrote: > The Release file of stable/updates on security.debian.org and its > OpenPGP signature seem to be missing an update after the latest > security updates for Woody were released yesterday: > [...] > This probably is the reason for apt-check-sigs to complain ab

UNSUBSCRIBE

2005-01-07 Thread Michael Gayeski
-Original Message- From: Martin Schulze [mailto:[EMAIL PROTECTED] Sent: Friday, January 07, 2005 10:13 AM To: Debian Security Announcements Subject: [SECURITY] [DSA 629-1] New kerberos packages fix arbitrary code execution -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - ---

security.debian.org stable/updates Release file outdated

2005-01-07 Thread Paul Hink
Hi! The Release file of stable/updates on security.debian.org and its OpenPGP signature seem to be missing an update after the latest security updates for Woody were released yesterday: | Release 06-Jan-2005 16:4318k | Release.gpg 06-Jan-2005 16:43 1k http://s

Re: [Request for Help] MBOX-Project seeks for Mboxes :-)

2005-01-07 Thread Martin Mewes
Hi all, hallo Leute ... Thanks to / Vielen Dank an Rene Engelhard ... of the Debian-Team to arrange a massive download of all requested files. We could not do without you :-) ... vom Debian-Team, der einen massiven Download aller angefragten Dateien mÃglich machte. Wir hÃtte es ohne D