[lug] New root exploit for kernels prior to 2.4.12

D. Stimits stimits at idcomm.com
Mon Oct 22 14:01:38 MDT 2001


Greg Horne wrote:
> 
> One of the exploits, I can't remember which, relies on the file
> /usr/bin/newgrp being world executable.  I just took that permission away to
> make the permissions 710.  Does anybody know if that will work as a quick
> fix for now?

Yes, it works. Only those who can execute newgrp while it is suid can
run the exploit. Removing permission to execute it will remove the
problem, as will removing the suid bit (but you might find suid is
needed for anyone but root...make the group some group that only trusted
individuals can access).

D. Stimits, stimits at idcomm.com

> 
> Greg
> 
> >From: Nate Duehr <nate at natetech.com>
> >Reply-To: lug at lug.boulder.co.us
> >To: lug at lug.boulder.co.us
> >Subject: Re: [lug] New root exploit for kernels prior to 2.4.12
> >Date: Fri, 19 Oct 2001 17:05:07 -0600
> >
> >I haven't had a chance to read this yet, but is this a remote exploit
> >(network-based) or a local exploit?
> >
> >On Fri, Oct 19, 2001 at 11:55:47AM -0600, Scott A. Herod wrote:
> > > SecurityFocus has a note about a root exploit against kernels prior to
> > > 2.4.12.
> > >
> > > http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=221337&start=2001-10-15&end=2001-10-21
> > >
> > > Since they've also put up an exploit, I'd guess that it's once again
> > > time to upgrade the kernel.
> > > _______________________________________________
> > > Web Page:  http://lug.boulder.co.us
> > > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> >
> >--
> >Nate Duehr <nate at natetech.com>
> >
> >GPG Key fingerprint = DCAF 2B9D CC9B 96FA 7A6D AAF4 2D61 77C5 7ECE C1D2
> >Public Key available upon request, or at wwwkeys.pgp.net and others.
> 
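
The two fixes discussed in this thread, as an added shell example that is not part of the original messages: it classifies who can run a setuid file, then applies either the group restriction or the setuid removal. The stand-in file is constructed in a temporary directory, and the function names and the "trusted" group name are assumptions.

```shell
#!/bin/sh
# Added example: classify and reduce the exposure of a setuid binary.

# has_perm FILE BITS: succeeds if FILE has every permission bit in BITS set.
has_perm() {
    [ -n "$(find "$1" -prune -perm "-$2" 2>/dev/null)" ]
}

# exposure FILE: report who can execute FILE with its setuid privilege.
exposure() {
    if ! has_perm "$1" 4000; then echo "not-setuid"
    elif has_perm "$1" 0001; then echo "setuid-world-exec"   # any local user
    elif has_perm "$1" 0010; then echo "setuid-group-only"   # trusted group
    else echo "setuid-owner-only"
    fi
}

# restrict_to_group FILE [GROUP]: keep setuid, remove all access for "other".
# chgrp runs first because changing the group can clear the setuid bit.
restrict_to_group() {
    if [ -n "$2" ]; then chgrp "$2" "$1" || return 1; fi
    chmod 4710 "$1"
}

# drop_setuid FILE: the other fix from the reply; execute bits are kept.
drop_setuid() { chmod u-s "$1"; }

# audit_dir DIR: list setuid files under DIR that anyone may execute.
audit_dir() {
    find "$1" -xdev -type f -perm -4000 -perm -0001 2>/dev/null
}

# Demo on a constructed stand-in file, not the real /usr/bin/newgrp.
demo=$(mktemp -d)
: > "$demo/newgrp" && chmod 4755 "$demo/newgrp"
echo "before:          $(exposure "$demo/newgrp")"
restrict_to_group "$demo/newgrp"   # as root, pass a group too, e.g. "trusted" (assumed name)
echo "after 4710:      $(exposure "$demo/newgrp")"
chmod 4755 "$demo/newgrp" && chmod 710 "$demo/newgrp"   # numeric 710 also clears setuid
echo "after chmod 710: $(exposure "$demo/newgrp")"
rm -rf "$demo"
```

Note that the numeric mode 710 from the question clears the setuid bit on a regular file as well as the world-execute bit, so it applies both fixes at once.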
