[lug] Linux sysctl() Kernel Memory Reading Vulnerability
Justin
glow at jackmoves.com
Thu Feb 15 15:46:45 MST 2001
Well my boxes do meet the requirements you mentioned, although getting
the patch in seems like a sketchy process. I noticed the exploit was
local too, would users connected to the box via ssh or telnet be
considered local? One of the machines is a shell server which has users
connected to it 24/7. However, I don't suspect any of my users would
try to exploit the box, I don't want to overlook a potential security
hole. Thanks for your help...
Justin
> I didn't try to compile or use the fix, but here is what it looks
like.
> This is an independent module that does not require patching the
actual
> kernel. But for it to compile correctly, you'd need the current kernel
> source to be both installed AND matching your running system. Then you
> add the module somewhere within your module directory (depending on
> version and preferences), followed by something like depmod -a to tell
> it to update module info. It *looks* like this is a new module, and
not
> a replacement for anything existing. Since I haven't tested this,
> consider it only advice. FYI, it does not appear to be a remote
exploit,
> so a user would need local access to use it.
>
> D. Stimits, stimits at idcomm.com
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>
>
-----
glow at jackmoves.com
www.jackmoves.com
More information about the LUG
mailing list