[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Linux kernel uselib() privilege elevation, corrected
- To: Athanasius <Athanasius@xxxxxxxxx>
- Subject: Re: [Full-Disclosure] Linux kernel uselib() privilege elevation, corrected
- From: Gaz Wilson <dragon@xxxxxxxxxxxxxx>
- Date: Tue, 11 Jan 2005 16:07:21 +0000 (GMT)
On Tue, 11 Jan 2005, Athanasius wrote:
> On Tue, Jan 11, 2005 at 07:56:32AM +0000, Marcy Darcy wrote:
> > I'm running a small server with the 2.6.10 kernel.
> >
> > The exploit doesen't seem to be working on this kernel. Is there a way
> > to make sure the sistem is vulnerable or not?
>
> I couldn't get the exploit to work for 2.6.10 either. First there's
> changing a struct in it to user_desc to make it compile, then it just
> SEGVs all the time here.
I get it compiled and running on 2.6.8, but it doesn't do anything, other
than hog all available CPU for about 10-15 minutes followed by:
[-] FAILED: try again (-f switch) and again (Cannot allocate memory)
Killed
The same thing happens with the -f switch, except the process gets stopped
(SIGSTOP) instead of killed after the alloted time.
--
/ Gary Wilson, aka dragon/dragonlord/dragonv480 \
.'(_.------. e: dragon@xxxxxxxxxxxxxxxxxxx MSN: dragonv480 .------._)`.
< _ | Skype:dragonv480 ICQ:342070475 AIM:dragonv480 | _ >
`.( `------' w: http://volvo480.northernscum.org.uk `------' ).'
\ w: http://www.northernscum.org.uk /
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html