[lug] Linux sysctl() Kernel Memory Reading Vulnerability

Justin glow at jackmoves.com
Fri Feb 16 12:52:24 MST 2001 

So this sounds like something I would "activate" with like a modprobe 
or insmod right? I'll the compile a try this weekend and see what 
happens.

Justin

> 
> Anyone with a real user account that logs in via ssh or telnet would 
be
> local once logged in. Adding that as a module probably would not 
disrupt
> your regular kernel, provided you have your kernel source available 
and
> configured to match the installed system already. It wouldn't hurt to
> try to compile it and see if it fails or not; the question then is
> whether you want to install it or test it. Modules are just
> that...separate plugin items that can extend the kernel and be added 
or
> removed at will.
> 
> > 
> > Justin
> > 
> > > I didn't try to compile or use the fix, but here is what it looks
> > like.
> > > This is an independent module that does not require patching the
> > actual
> > > kernel. But for it to compile correctly, you'd need the current 
kernel
> > > source to be both installed AND matching your running system. 
Then you
> > > add the module somewhere within your module directory (depending 
on
> > > version and preferences), followed by something like depmod -a to 
tell
> > > it to update module info. It *looks* like this is a new module, 
and
> > not
> > > a replacement for anything existing. Since I haven't tested this,
> > > consider it only advice. FYI, it does not appear to be a remote
> > exploit,
> > > so a user would need local access to use it.
> > >
> > > D. Stimits, stimits at idcomm.com
> > > _______________________________________________
> > > Web Page:  http://lug.boulder.co.us
> > > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > >
> > >
> > 
> > -----
> > glow at jackmoves.com
> > www.jackmoves.com
> > _______________________________________________
> > Web Page:  http://lug.boulder.co.us
> > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> 
> 

-----
glow at jackmoves.com
www.jackmoves.com

More information about the LUG mailing list