--=_courier-1298-1048084137-0001-2
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
On Wed, 2003-03-19 at 15:13, Robinson Maureira Castillo wrote:
> On Wed, 19 Mar 2003, Andrus wrote:
> > You can download working exploit on
> > http://www.members.ee/ptrace-exploit.c
> >=20
> > Its hell long exploit as I know, and still not patched!
> >=20
>=20
> I have it, it's no longer on that URL, but I test it against the last=20
> errata kernel from RedHat and it's not vulnerable.
>=20
> [rmaureira@linux rmaureira]$ ./ptrace-xploit=20
> [-] Unable to attach: Operation not permitted
> Killed
there is some misunderstanding about at least one of the exploits out
there; one of them will, when successful, make itself setuid-root....
result:
admin tries exploit, succeeds
admin updates kernel to fixed one
admin tries exploit, gets root again due to setuid-root and thinks the
kernel is not fixed
admin yells at $vendor for providing a broken fix
--=_courier-1298-1048084137-0001-2
Content-Type: application/pgp-signature; name="signature.asc"
Content-Transfer-Encoding: 7bit
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQA+eH5vxULwo51rQBIRAoqeAJ49zPFlyBsif4hnUTfzuNzqUOKnGwCfU1Bd
YW6h32LzCisnEGEmc7dTpdg=
=lP3u
-----END PGP SIGNATURE-----
--=_courier-1298-1048084137-0001-2--