Re: Exploit in 2.6 kernels
From: Baruch Even
Date: Tue Apr 12 2005 - 07:32:08 EST
You can find the source at
http://www.securiteam.com/exploits/5VP0N0UF5U.html
The fix:
http://linux.bkbits.net:8080/linux-2.6/cset@422dd06a1p5PsyFhoGAJseinjEq3ew?nav=index.html|ChangeSet@-1d
CAN: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0736
John M Collins wrote:
Please CC any reply to jmc AT xisl.com as I'm not subscribed - thanks
We had 5 machines broken into last night all but one with kernel 2.6.8
and found a binary "krad-no-longer-private.c" had been downloaded
It contains the string:
k-rad.c - linux 2.6.* CPL 0 kernel exploit
Discovered Jan 2005 by sd <sd@xxxxxxxxxxxxx>
If you want to look at it, I've copied it (with mode set to 444 of
course) to www.xisl.com/hack
Hope that is helpful
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/