[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround

To: <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround
From: "Caveo Internet BV - Security" <security@xxxxxxxx>
Date: Fri, 14 Jul 2006 16:50:19 +0200

The most easy way to stop this vulnerability is this by sepcifying the core
dump location

echo /root/core > /proc/sys/kernel/core_pattern

This specifies /root as core dump location which makes it unavailable for
the local user.

Kind regards,

    Ronald Timmerman - Caveo Internet BV

Follow-Ups:
- Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround
  - From: Hugo van der Kooij
- Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround
  - From: Michael Shigorin
- Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround
  - From: Lukasz Trabinski

References:
- rPSA-2006-0122-2 kernel
  - From: Justin M. Forbes

Prev by Date: Microsoft Works - Buffer Overflows / Denial of Service (DoS)-Vulnerabilities
Next by Date: EEYE: McAfee ePolicy Orchestrator Remote Compromise
Previous by thread: rPSA-2006-0122-2 kernel
Next by thread: Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround
Index(es):
- Date
- Thread