Re: Kernel fchown() exploit status?

From: Manuel Arostegui Ramirez
Date: Fri Jul 09 2004 - 05:10:41 EST

Next message: Andi Kleen: "Re: GCC 3.4 and broken inlining."
Previous message: Con Kolivas: "Likelihood of rt_tasks"
In reply to: Michael Buesch: "Re: Kernel fchown() exploit status?"
Next in thread: Chris Wright: "Re: Kernel fchown() exploit status?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

El Viernes 09 Julio 2004 11:46, Michael Buesch escribió:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Quoting Chris Wright <chrisw@xxxxxxxx>:
> > * Chris White (webmaster@xxxxxxxxxxxxxxxxx) wrote:
> > > There was a recent security announcment regarding a vulnerability with
> > > the fchown function.
> > >
> > > Only a few distrobutions (red hat/suse) have fixed the issue, but I've
> > > yet to see a general patch for it.
> >
> > Patches are in both 2.4 and 2.6 bk trees. 2.4.27-rc3 has this fixed.
> > There hasn't been a 2.6.8-rc release since the patches went in to 2.6
>
> Is there an exploit available to test if the kernel has
> this vulnerability?

Look at this:
http://www.securityfocus.com/bid/10662/exploit/
It says that it's not exploit requiered to exploit this bug.

Any ideas, Chris White?

Cheers

--
Manuel Arostegui Ramirez #Linux Registered User 200896

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andi Kleen: "Re: GCC 3.4 and broken inlining."
Previous message: Con Kolivas: "Likelihood of rt_tasks"
In reply to: Michael Buesch: "Re: Kernel fchown() exploit status?"
Next in thread: Chris Wright: "Re: Kernel fchown() exploit status?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]