[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Linux kernel uselib() privilege elevation, corrected

Gaz Wilson wrote:

On Tue, 11 Jan 2005, Athanasius wrote:



On Tue, Jan 11, 2005 at 07:56:32AM +0000, Marcy Darcy wrote:


I'm running a small server with the 2.6.10 kernel.

The exploit doesen't seem to be working on this kernel. Is there a way
to make sure the sistem is vulnerable or not?


I couldn't get the exploit to work for 2.6.10 either. First there's
changing a struct in it to user_desc to make it compile, then it just
SEGVs all the time here.



I get it compiled and running on 2.6.8, but it doesn't do anything, other
than hog all available CPU for about 10-15 minutes followed by:

[-] FAILED: try again (-f switch) and again (Cannot allocate memory)
Killed

The same thing happens with the -f switch, except the process gets stopped
(SIGSTOP) instead of killed after the alloted time.



My RedHat 8.0  system won't give up id 0
although I do have a semi-permanent DOS on my hands right now with
./exploit -n5
;-)    since 4 hours ago   ;-{
I expect I just don't have thew commandline correct
Although it may [doubtful] be Bastille settings
steve
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html